F5 BIG-IP Application Security Manager (ASM) v11x

COURSE OUTLINE:

Description

In this course, you will learn how to manage web-based and XML application attacks and how to use Application Security Manager to defend against these attacks.

You will cover installation, configuration, management, security policy building, traffic learning, and implementation of Application Security Manager in both stand-alone and modular configurations.

Audience

Those who need to learn to use Application Security Manager to defend against attacks.

Prerequisites

Understanding of:

  • Basic HTTP and HTML concepts
  • Basic security concepts
  • Common network terminology
  • Web application terminology

Proficiency in:

  • Basic PC operation and application skills, including operating a CD drive, keyboard, mouse, and Windows OS
  • Basic web browser operation (Internet Explorer)

Learning Objectives

  • HTTP and HTML concepts
  • Common HTTP vulnerabilities
  • HTTP classes
  • Security policy building
  • Wildcard entities
  • Traffic learning
  • Parameter configuration and protection
  • Security policy templates
  • Web services protection
  • Protocol Security Manager configuration
  • Logging profiles
  • Install and understand web application configuration
  • Configure a security policy based on live traffic
  • Rapid deployment techniques
  • Monitor and administer Application Security Manager

1. Installation and Initial Access

  • BIG-IP
  • Licensing and the Setup Utility
  • Provisioning

2. Web Application Concepts

  • Web Application Basics
  • Web Page Components
  • HTTP Concepts
  • HTTP Request Components
  • HTTP Headers

3. Web Application Vulnerabilities

  • Risk Mitigation and ASM

4. ASM Application Configuration

  • Configuration Components
  • HTTP Class
  • Virtual Servers
  • SSL Termination/Initiation
  • HTTP Request Flow

5. Security Policy

  • Security Policy Properties
  • Policy Enforcer
  • Security Policy Configuration
  • Security Policy Components

6. Security Policy Building Tool

  • Deployment Wizard
  • Rapid Deployment Concepts

7. Application-Ready Security Policy

8. Reporting

9. Administering ASM

  • User Management
  • Human Readable Policy
  • Synching Configurations
  • ASM qkview
  • Upgrading to v10

10. Configuration Lab Project 1

11. Traffic Learning

  • Learning Concepts
  • Violations

12. Parameters

  • Parameter Types
  • Parameter Levels

13. Security Policy Builder

14. Advanced Topics

  • ASM iRules
  • Flow Login Pages
  • Anomaly Detections

15. XML and Web Services

  • XML Concepts
  • Web Services Protection

16. Protocol Security Manager

  • FTP Protection
  • SMTP Protection
  • HTTP Protection
  • Protocol Security Manager Statistics
  • Configuring Protocol Security Manager

17. Configuration Lab Project 2

  • Review Questions