F5 BIG-IP ASM v11.x - F5 Configuring BIG-IP ASM v11: Application Security Manager

F5 BIG-IP ASM v11.x - F5 Configuring BIG-IP ASM v11: Application Security Manager Course Description

Duration: 4.00 days (32 hours)

Price: $3,995.00

This four-day course covers ways to manage web-based and XML application attacks and the use of Application Security Manager to defend against these attacks. The course covers installation, configuration, management, security policy building, traffic learning, and implementation of Application Security Manager in both stand-alone and modular configurations. This class includes lectures, labs, demonstrations, and discussions.

Next Class Dates

Contact us to customize this class with your own dates, times and location. You can also call 1-888-563-8266 or chat live with a Learning Consultant.


Intended Audience for this F5 BIG-IP ASM v11.x - F5 Configuring BIG-IP ASM v11: Application Security Manager Course

  • This course is intended for security and network administrators who will be responsible for the installation and day-to-day maintenance of the Application Security Manager.


F5 BIG-IP ASM v11.x - F5 Configuring BIG-IP ASM v11: Application Security Manager Course Objectives

  • By course completion, the student will be able to implement and understand security policy configuration tasks and configure a security policy based on traffic learning and various security policy building techniques. Additionally, a student will be able to administer and manage Application Security Manager.


F5 BIG-IP ASM v11.x - F5 Configuring BIG-IP ASM v11: Application Security Manager Course Outline

      1. Preface
      2. F5 Networks
      3. F5 Product Suite Overview
      4. Hardware
      5. Virtual Editions
      6. F5 Services
      7. F5 Resources and Tools
      8. Module 1: Installation & Initial Access
      9. BIG-IP ASM Overview
      10. ASM Feature Set Summary
      11. ASM Protection Summary
      12. BIG-IP ASM Hardware Platforms
      13. BIG-IP ASM Deployment Types
      14. BIG-IP ASM Standalone
      15. BIG-IP ASM in-line with BIG-IP LTM
      16. Multiple BIG-IP ASM devices behind a BIG-IP LTM
      17. BIG-IP ASM module on BIG-IP LTM
      18. BIG-IP ASM Device Group
      19. BIG-IP ASM Virtual Edition (VE)
      20. Licensing and the Setup Utility
      21. Configuration Process
      22. Management Port Serial Console
      23. License Administration
      24. License Activation via the Configuration Utility
      25. Web Configuration Utility
      26. Command Line Access
      27. Provisioning
      28. Installation and Setup Labs
      29. Lab Installation and Setup
      30. Lab System Licensing
      31. Lab Setup Utility
      32. Lab Configuration Backup
      33. Module 2: Web Application Concepts
      34. Anatomy of a Web Application
      35. Secure Sockets Layer
      36. Hardened Servers
      37. Network Firewalls
      38. Web Application Firewalls
      39. HTTP & HTML Web Page Components
      40. Overview of Web Communication
      41. Parsing URLs
      42. HTTP Requests
      43. GET Method
      44. POST Method
      45. HEAD Method
      46. Uniform Resource Identifier
      47. Query Strings
      48. HTTP Version
      49. HTTP Headers
      50. HTTP Responses
      51. HTTP Response Status Codes
      52. HTML Concepts Overview
      53. User Input Forms
      54. Using Fiddler
      55. Lab Fiddler
      56. Module 3: Web Application Vulnerabilities
      57. Web Application Vulnerabilities Overview
      58. Open Web Application Security Project Top 10 (2010)
      59. Injection attacks
      60. Cross Site Scripting
      61. Broken Authentication and Session Management
      62. Insecure Direct Object References
      63. Hidden Field Manipulation
      64. Cross Site Request Forgery
      65. Security Misconfiguration
      66. Insecure Cryptographic Storage
      67. Failure to Restrict URL Access
      68. Insufficient Transport Layer Protection
      69. Unvalidated Redirects and Forwards
      70. Parameter tampering
      71. Cookie Poisoning
      72. Denial of Service and Distributed Denial of Service
      73. Brute Force
      74. Risk Mitigation and ASM
      75. Lab HTTP Vulnerabilities
      76. Module 4: ASM Configuration
      77. Nodes
      78. Pool Member
      79. Pools
      80. Pool Configuration
      81. Virtual Servers
      82. Network Packet Flow
      83. HTTP Classes
      84. HTTP Traffic Classifiers
      85. HTTP Classes: Actions
      86. HTTP Class Profile Configuration
      87. SSL Termination/Initiation
      88. Virtual Server Configuration
      89. HTTP Request Flow
      90. Lab Pool, HTTP Profile, and Virtual Server Configuration
      91. Module 5: Security Policy Overview
      92. Positive Security Model
      93. Negative Security Model
      94. Basic Security Policy Creation and Initial Configuration
      95. Security Policy Name
      96. Defining an Application Language
      97. Application-Ready Security Policy
      98. Dynamic Session ID in URL
      99. Staging-Tightening Period
      100. Case Sensitive Security Policy
      101. Maximum HTTP Header Length
      102. Maximum Cookie Header Length
      103. Allowed Response Status Codes
      104. Trigger ASM iRule Events
      105. Trust XFF Header
      106. Security Policy Components
      107. File Types
      108. URLs
      109. Parameters
      110. Methods
      111. Headers
      112. Cookie Processing in ASM
      113. Wildcard Entities
      114. Violations and Traffic Learning
      115. Tightening
      116. Staging
      117. Requests
      118. Security Policy Blocking
      119. Learn, Alarm, and Block Flags
      120. Blocking Response Page
      121. Lab Security Policy Configuration
      122. Attack Signatures
      123. Attack Signature Pool
      124. Attack Signature Sets
      125. User-defined Attack Signatures
      126. Lab User-defined Attack Signatures
      127. Module 6: Deployment Wizard
      128. Deployment Wizard
      129. Rapid Deployment Scenarios
      130. Data Guard
      131. Rapid Deployment Methodology
      132. Lab Rapid Deployment
      133. Lab Data Guard
      134. Lab Attack Signatures
      135. Application-Ready Security Policy
      136. Rapid Deployment Configuration
      137. Lab Application-Ready Security Policy Lab
      138. Module 7: Vulnerability Assessment Tools
      139. Creating a new baseline policy
      140. Adding a vulnerability assessment to an existing policy
      141. Resolving vulnerabilities
      142. WhiteHat Sentinel
      143. IBM Rational AppScan
      144. Cenzic Hailstorm
      145. QualysGuard
      146. Lab Option 1: WhiteHat Sentinel
      147. Lab Option 2: Qualys
      148. Lab Option 3: AppScan
      149. Lab Option 4: Cenzic
      150. Module 8: Application Visibility & Reporting
      151. AVR Prerequisites
      152. Analytics profile
      153. Lab Analytics Profile Setup
      154. Dashboard
      155. Reporting Overview
      156. Charts
      157. PCI Compliance Reports
      158. Lab PCI Compliance Reporting
      159. Logs
      160. Viewing Log Files
      161. Logging Profiles
      162. Event Correlation
      163. Response Logging
      164. Lab Logging messages locally and remotely
      165. Lab Response logging
      166. Module 9: Administering ASM
      167. Defining partitions
      168. User Management and Roles
      169. Lab Partitions and User Roles
      170. Modifying Security Policies
      171. Lab Security Policy Modification
      172. ASM Synchronization
      173. Device Groups
      174. qkview
      175. Module 10: Lab Project
      176. Module 11: Traffic Learning
      177. Learning Concepts Overview
      178. Learning Process Resources
      179. Length Learning
      180. Pattern Learning
      181. Meta-Character Learning
      182. RFC Violations
      183. Access Violations
      184. Length Violations
      185. Input Violations
      186. Cookie Violations
      187. Lab Traffic Learning
      188. Module 12: Parameters
      189. Parameter Overview
      190. Parameter Types
      191. Sensitive Parameters
      192. User Input Parameter Value Types
      193. Static Parameter Value Types
      194. Dynamic Parameter Value Types
      195. Extractions
      196. XML Value Types
      197. JSON Value Types
      198. Parameter Character Sets
      199. Parameter Levels
      200. Global Parameters
      201. URL Parameters
      202. Flow Parameters
      203. Parameter Logic
      204. Lab Protecting Dynamic Parameters
      205. Lab Protecting Static Parameters
      206. Module 13: Real Traffic Policy Builder
      207. Real Traffic Policy Builder Configuration
      208. Real Traffic Policy Builder Configuration Example
      209. Real Traffic Policy Builder Policy Types
      210. Automatic Policy Building Stages
      211. Real Traffic Policy Builder Rules
      212. Trusted and Untrusted IPs
      213. Lab Automatic Security Policy Builder
      214. Lab Automatic Security Policy Builder (Option 2)
      215. Module 14: Advanced Topics
      216. iRules
      217. iRule Syntax
      218. ASM iRule Events
      219. ASM iRule Commands
      220. Tcl Commands
      221. iRule Configuration
      222. Lab iRule creation and configuration
      223. Sessions and Logins
      224. Lab Login URL Creation
      225. Lab Session Awareness and Tracking
      226. Lab Username Session Tracking
      227. Anomaly Detection
      228. Denial of Service Attacks
      229. Brute Force Attacks
      230. Lab Session-based Brute Force
      231. IP Enforcer
      232. Web Scraping
      233. Lab Web Scraping
      234. Anti-Virus Protection
      235. Cross-site Request Forgery Protection
      236. Lab Cookie Enforcement
      237. Geolocation Enforcement
      238. Lab Geolocation Enforcement
      239. IP Address Exceptions
      240. Lab IP Address Exception
      241. Module 15: XML and Web Services
      242. XML Concepts
      243. Web Services Concepts
      244. XML Profile
      245. Schema and WSDL Validation
      246. XML Attack Signatures
      247. Web Services Security
      248. Defense Configuration
      249. Associating an XML Profile with a URL
      250. Associating an XML Profile with a Parameter
      251. Lab XML and Web Services
      252. Module 16: AJAX and JSON concepts
      253. AJAX Overview
      254. JSON Overview
      255. ASM Support of AJAX/JSON
      256. JSON Profile
      257. Associating a JSON Profile with a URL
      258. Associating a JSON Profile with a Parameter
      259. Lab JSON Parsing
      260. Module 17: Protocol Security Module
      261. FTP Overview
      262. FTP Security Profile Configuration
      263. SMTP Protection
      264. SMTP Security Profile Configuration
      265. HTTP Security
      266. HTTP Security Profile Configuration
      267. PSM Statistics
      268. Lab Protocol Security Module
      269. Module 18: IP Address Intelligence
      270. iprepd daemon
      271. Licensing
      272. Requirements
      273. Post-license troubleshooting
      274. ASM Settings
      275. IP Address Whitelist
      276. IP Address Intelligence categories
      277. IP Address Intelligence learning
      278. Module 19: Analytics Review & Final Project
      279. Lab Analytics Review
      280. Review Questions
      281. Lab Configuration Lab Project 2
      282. Appendix A (Installation Guidelines)
      283. Appendix B (New Features for 11.2)
      284. Appendix C Additional Topics
      285. Traffic Capturing Using HTTPWatch
      286. Lab Using HttpWatch
      287. Regular Expressions
      288. Writing Rules for User-Defined Attack Signatures
      289. Appendix D (Helpful hints)
      290. Appendix E (Protecting a production environment)
      291. PowerPoint Presentation Printout


Do you have the right background for F5 BIG-IP ASM v11.x - F5 Configuring BIG-IP ASM v11: Application Security Manager?

Skills Assessment

We ensure your success by asking all students to take a FREE Skill Assessment test. These short, instructor-written tests are an objective measure of your current skills that help us determine whether or not you will be able to meet your goals by attending this course at your current skill level. If we determine that you need additional preparation or training in order to gain the most value from this course, we will recommend cost-effective solutions that you can use to get ready for the course.

Our required skill-assessments ensure that:

  1. All students in the class are at a comparable skill level, so the class can run smoothly without beginners slowing down the class for everyone else.
  2. NetCom students enjoy one of the industry's highest success rates, and pass rates when a certification exam is involved.
  3. We stay committed to providing you real value. Again, your success is paramount; we will register you only if you have the skills to succeed.
This assessment is for your benefit and best taken without any preparation or reference materials, so your skills can be objectively measured.


Award winning, world-class Instructors

Our instructors are passionate about teaching and are experts in their respective fields. Our average NetCom instructor has many, many years of real-world experience and imparts that priceless, valuable knowledge to our students every single day.

Client Testimonials & Reviews about their Learning Experience

We are passionate about delivering the best learning experience for our students, and they are happy to share their learning experience with us.
