Configuring F5 Advanced WAF previously licensed as ASM - BIG-ASM-ESS


F5 Networks


Show Tabs

In this 4 day course, students are provided with a functional understanding of how to deploy, tune, and operate F5 Advanced Web
Application Firewall to protect their web applications from HTTP-based attacks.

The course includes lecture, hands-on labs, and discussion about different F5 Advanced Web Application Firewall tools for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits.

Prerequisites & Audience

There are no F5-technology-specific prerequisites for this course. However, completing the following before attending would be very helpful for students with limited BIG-IP administration and configuration experience:

Administering BIG-IP instructor-led course or F5 Certified BIG-IP Administrator

The following free web-based training courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience.

Getting Started with BIG-IP web-based training

Getting Started with BIG-IP Application Security Manager (ASM) web-based training

The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:

OSI model encapsulation

Routing and switching

Ethernet and ARP

TCP/IP concepts

IP addressing and subnetting

NAT and private IP addressing

Default gateway

Network firewalls


Course Benefits

Students should be able to:

Describe the role of the BIG-IP system as a full proxy device in an application delivery network

Provision the F5 Advanced Web Application Firewall

Define a web application firewall

Describe how F5 Advanced Web Application Firewall protects a web application by securing file types, URLs, and parameters

Deploy F5 Advanced Web Application Firewall using the Rapid Deployment template (and other templates) and define the security checks included in each

Define learn, alarm, and block settings as they pertain to configuring F5 Advanced Web Application Firewall

Define attack signatures and explain why attack signature staging is important

Deploy Threat Campaigns to secure against CVE threats

Contrast positive and negative security policy implementation and explain benefits of each

Configure security processing at the parameter level of a web application

Deploy F5 Advanced Web Application Firewall using the Automatic Policy Builder

Tune a policy manually or allow automatic policy building

Integrate third party application vulnerability scanner output into a security policy

Configure login enforcement for flow control

Mitigate credential stuffing

Configure protection against brute force attacks

Deploy Advanced Bot Defense against web scrapers, all known bots, and other automated agents

Deploy DataSafe to secure client-side data

Course Topics

Resource provisioning for F5 Advanced Web Application Firewall

Traffic processing with BIG-IP Local Traffic Manager (LTM)

Web application concepts

Mitigating the OWASP Top 10 and other vulnerabilities

Security policy deployment

Security policy tuning

Deploying Attack Signatures and Threat Campaigns

Positive security building

Securing cookies and other headers

Reporting and logging

Advanced parameter handling

Using Automatic Policy Builder

Integrating with web vulnerability scanners

Login enforcement for flow control

Brute force and credential stuffing mitigation

Session tracking for client reconnaissance

Using Parent and Child policies

Layer 7 DoS protection

Transaction Per Second-based DoS protection

Layer 7 Behavioral DoS Protection

Configuring Advanced Bot Defense

Web Scraping and other Microservice Protection

Working with Bot Signatures

Using DataSafe to Secure the client side of the Document Object Model

303 ASM Specialist

F5 Networks courses

F5 Configuring BIGIP Viprion v15.1 - VIPRION
F5 Developing iRules for BIGIP v15.1 - IRULE-CFG
F5 Configuring BIGIP DNS formerly GTM V15.1 - GTM
F5 Configuring BIGIP APM: Access Policy Manager v15.1 - EGW-APM
F5 Troubleshooting Big IP LTM v15.1 - BIG-TRBL-INT2
F5 Administering BIGIP v15.1 - BIG-OP-ADMIN
F5 Configuring BIGIP LTM v15.1 : Local Traffic Manager - BIG-LTM-CFG-3
Configuring F5 Advanced WAF previously licensed as ASM - BIG-ASM-ESS
F5 Configuring BIGIP AFM: Advanced Firewall Manager - BIG-AFM-CFG
Configuring BIGIQ - BIG-IQ-CFG
F5 Networks Workshop
This website uses cookies to ensure you get the best experience on our website.