F5

Introduction:

This four-day course covers ways to manage Web-based and XML application attacks and the use of Application Security Manager to defend against these attacks. The course covers installation, configuration, management, security policy building, traffic learning, and implementation of Application Security Manager in both stand-alone and modular configurations. This class includes lectures, labs, demonstrations, and discussions.

Audience:

This class is intended for security and network administrators who will be responsible for the installation and day-to-day maintenance of the Application Security Manager.

Prerequisites:

Participants should understand: Basic HTTP and HTML concepts Basic security concepts Common network terminology Web application terminology In addition, participants should be proficient with: Basic PC operation and application skills, including operating a keyboard, mouse, Linux and Windows OS Basic Web browser operation (Internet Explorer and Mozilla Firefox are used in class)

Customize it:

This 4-5-day BIG-IP ASM course will be customized to your needs and specifications. Eno.com will assist you in identifying those needs and specifications. A word to the wise, there are many vendors of IT security training. They will typically have a broad and general course, one size fits all, already developed and just put your organization?s name on the title slide. This minimizes their effort and time investment. At Eno.com, every course is made to your exact and exacting specifications. We help you ensure what you are getting is what you really need even if at the beginning you weren't too sure of what that was. We fit the class to your needs. We never fit you into our standard, one size fits all, class.

Objectives:

Upon completing this course, a student will be able to install and understand web application configuration and configure a security policy based on live traffic, Wildcard entities and Rapid Deployment techniques. Additionally, a student will be able to monitor and administer Application Security Manager.

Course Outline and Labs Taught

Module 1: Installation & Initial Access BIG-IP ASM Overview Licensing and the Setup Utility Provisioning Installation and Setup Labs --Lab – Install and Setup Labs --Lab – Licensing System Lab --Lab – Setup Utility Lab --Lab – Configuration Utility Lab --Lab – Configuration Backup Lab --Lab – Provisioning Lab Module 2: Web Application Concepts Web Application Basics Overview Web Page Components HTTP Concepts HTTP Request Components HTTP Headers Using Fiddler --Lab – Fiddler Lab Module 3: Web Application Vulnerabilities Web Application Vulnerabilities Overview Risk Mitigation and ASM --Lab – HTTP Vulnerability Lab Module 4: ASM Application Configuration Configuration Components Enabling ASM HTTP Class Virtual Servers SSL Termination/Initiation HTTP Request Flow --Lab – ASM Application Configuration Lab Module 5: Security Policy Overview Security Policy Properties Policy Enforcer Security Policy Configuration Security Policy Components --Lab – Flow Access Lab --Lab – Attack Signatures Lab --Lab – Data Guard Lab Anomaly Detection Module 6: Traffic Learning Learning Concepts Violations Reporting Concepts --Lab – Traffic Learning Lab --Lab – Requests Lab Module 7: Parameters Parameters Parameter Types Parameter Levels Learning Parameters --Lab – Parameters Lab Module 8: Security Policy Builder Policy Builder Wildcard Entities Policy Building Methodology Module 9: Security Policy Building Tools Deployment Wizard Concepts --Lab – ASM Deployment Wizard Lab Policy Wizard Policy Building Using Manual Process --Lab – ASM Policy Wizard Lab Module 10: Application-Ready Security Policy Application-Ready Security Policy --Lab – Application-Ready Security Policy Lab Module 11: XML and Web Services XML Concepts Web Services Implementation of a Security Policy for Web Services --Lab – XML and Web Services Lab Module 12: Protocol Security Manager Protocol Security Manager Overview Protocol Security Manager for FTP Traffic Protocol Security Manager for SMTP Traffic Protocol Security Manager for HTTP Traffic Protocol Security Manager Statistics Configuring Protocol Security Manager --Lab – Protocol Security Manager FTP Lab Module 13: Logs and Logging Profiles Log Files Logging Profiles --Lab – Remote System Log Server Lab Module 14: Administering ASM User Management Syncing Configurations ASM qkview Upgrading to v10. --Lab – Administration Labs Module 15: Configuration Lab Project Configuration Lab Project

Other Expertise:

Complete Training Catalog Oracle Applications Training and Consulting Peoplesoft Applications Training and Consulting SAP Applications Training and Consulting Security Technologies Training and Consulting Telecommunications Training and Consulting Wireless Technology Training and Consulting

For organizational purchases, please send us a message at salesinfo@eno.com or complete and submit this form .