Course Duration

4 Days

Audience

Employees of federal, state and local governments; and businesses working with the government.

Prerequisites

Completion of F5 Networks – Administering BIG-IP or equivalent BIG-IP experience is required.

Course Description

In this 4-day course, students gain a functional understanding of how to deploy, tune, and operate F5 Advanced Web Application Firewall to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion of the F5 Advanced Web Application Firewall tools for detecting and mitigating threats from multiple attack vectors such as web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero-day exploits.

Learning Objectives

  • Deploy and configure F5 Advanced WAF to protect web applications from HTTP-based attacks
  • Tune WAF policies using both automatic and manual learning modes
  • Detect and mitigate threats including web scraping, Layer 7 DoS, brute force, bot attacks, and code injection
  • Analyze traffic flows and understand how F5 Advanced WAF processes HTTP requests and responses
  • Configure and manage security policies, enforcement modes, and application language settings
  • Use the Fiddler HTTP proxy and other tools to inspect and validate WAF behavior

Course Outline

  • Introducing the BIG-IP System
  • Initially Setting Up the BIG-IP System
  • Archiving the BIG-IP System Configuration
  • Leveraging F5 Support Resources and Tools
  • Identifying BIG-IP Traffic Processing Objects
  • Overview of Network Packet Flow
  • Understanding Profiles
  • Overview of Local Traffic Policies
  • Visualizing the HTTP Request Flow
  • Overview of Web Application Request Processing
  • Web Application Firewall: Layer 7 Protection
  • F5 Advanced WAF Layer 7 Security Checks
  • Overview of Web Communication Elements
  • Overview of the HTTP Request Structure
  • Examining HTTP Responses
  • How F5 Advanced WAF Parses File Types, URLs, and Parameters
  • Using the Fiddler HTTP Proxy
  • A Taxonomy of Attacks: The Threat Landscape
  • What Elements of Application Delivery are Targeted?
  • Common Exploits Against Web Applications
  • Defining Learning
  • Comparing Positive and Negative Security Models
  • The Deployment Workflow
  • Policy Type: How Will the Policy Be Applied
  • Policy Template: Determines the Level of Protection
  • Policy Templates: Automatic or Manual Policy Building
  • Assigning Policy to Virtual Server
  • Deployment Workflow: Using Advanced Settings
  • Selecting the Enforcement Mode
  • The Importance of Application Language

Get More Information

We cannot work with the general public. We only work with Government Agencies, Military, government contractors, and corporate clients.