F5 BIG-IP Application Security Manager (ASM) v11x
COURSE OUTLINE:
In this course, you will learn how to manage web-based and XML application attacks and how to use Application Security Manager to defend against these attacks.
You will cover installation, configuration, management, security policy building, traffic learning, and implementation of Application Security Manager in both stand-alone and modular configurations.
Audience
Those who need to learn to use Application Security Manager to defend against attacks.
Prerequisites
Understanding of:
- Basic HTTP and HTML concepts
- Basic security concepts
- Common network terminology
- Web application terminology
Proficiency in:
- Basic PC operation and application skills, including operating a CD drive, keyboard, mouse, and Windows OS
- Basic web browser operation (Internet Explorer)
Learning Objectives
- HTTP and HTML concepts
- Common HTTP vulnerabilities
- HTTP classes
- Security policy building
- Wildcard entities
- Traffic learning
- Parameter configuration and protection
- Security policy templates
- Web services protection
- Protocol Security Manager configuration
- Logging profiles
- Install and understand web application configuration
- Configure a security policy based on live traffic
- Rapid deployment techniques
- Monitor and administer Application Security Manager
1. Installation and Initial Access
- BIG-IP
- Licensing and the Setup Utility
- Provisioning
2. Web Application Concepts
- Web Application Basics
- Web Page Components
- HTTP Concepts
- HTTP Request Components
- HTTP Headers
3. Web Application Vulnerabilities
- Risk Mitigation and ASM
4. ASM Application Configuration
- Configuration Components
- HTTP Class
- Virtual Servers
- SSL Termination/Initiation
- HTTP Request Flow
5. Security Policy
- Security Policy Properties
- Policy Enforcer
- Security Policy Configuration
- Security Policy Components
6. Security Policy Building Tool
- Deployment Wizard
- Rapid Deployment Concepts
7. Application-Ready Security Policy
8. Reporting
9. Administering ASM
- User Management
- Human Readable Policy
- Synching Configurations
- ASM qkview
- Upgrading to v10
10. Configuration Lab Project 1
11. Traffic Learning
- Learning Concepts
- Violations
12. Parameters
- Parameter Types
- Parameter Levels
13. Security Policy Builder
14. Advanced Topics
- ASM iRules
- Flow Login Pages
- Anomaly Detections
15. XML and Web Services
- XML Concepts
- Web Services Protection
16. Protocol Security Manager
- FTP Protection
- SMTP Protection
- HTTP Protection
- Protocol Security Manager Statistics
- Configuring Protocol Security Manager
17. Configuration Lab Project 2
- Review Questions