F5 ASM Training

Configuring BIG-IP ASM: Application Security Manager v12

COURSE OBJECTIVES:

The BIG-IP Application Security Manager course gives participants a functional
understanding of how to deploy, tune, and operate BIG-IP Application Security Manager (ASM) to protect their web applications from HTTP-based attacks.
The course includes lecture, hands-on labs, and discussion about different ASM
components for detecting and mitigating threats from multiple attack vectors such as web scraping,
Layer 7 Denial of Service, brute force, bots, code injection, and zero day.

DURATION:

4 Days

PREREQUISITES:

Strong knowledge of BIG-IP LTM

COURSE SYLLABUS:

Chapter 1: Setting Up the BIG-IP System

Introducing the BIG-IP System

Initially Setting Up the BIG-IP System

Archiving the BIG-IP System Configuration

Leveraging F5 Support Resources and Tools

Chapter 2: Traffic Processing with BIG-IP

Identifying BIG-IP Traffic Processing Objects

Understanding Network Packet Flow

Understanding Profiles

Overview of Local Traffic Policies and ASM

Chapter 3: Web Application Concepts

Overview of Web Application Request Processing

Web Applications Are Vulnerable Even with SSL

Layer 7 Protection with Web Application Firewalls

Examining HTTP and Web Application Components

Overview of Web Communication Elements

Parsing URLs

Overview of the HTTP Request Structure

HTTP Methods ASM Accepts by Default

Comparing POST with GET

Risks Within Other Methods

HTTP Request Components: Headers

Examining HTTP Responses

User Input Forms: Free Text Input

How ASM Parses File Types, URLs, and Parameters

Using the Fiddler HTTP Proxy Tool

Chapter 4: Common Web Application Vulnerabilities

Common Exploits Against Web Applications

Chapter 5: Security Policy Deployment

Comparing Positive and Negative Security Models

Approaching Deployment: Positive or Negative Security?

The Deployment Wizard: How will Policy Builder Be Used?

The Deployment Wizard Workflow

Reviewing Requests

Security Checks Offered by Rapid Deployment

Response Checks Using Data Guard

Chapter 6: Policy Tuning and Violations

Post-Configuration Traffic Processing

Defining False Positives

How Violations are Categorized

Violation Rating: A Threat Scale

Enforcement Settings & Staging: Global Policy Control

Defining Signature Staging

Defining the Enforcement Readiness Period

Defining Learning

Violations and Learning Suggestions

Defining Learning Suggestions

Choosing a Learning Mode: Automatic or Manual

Defining the Learn, Alarm and Block settings

Interpreting the Enforcement Readiness Summary

Configuring the Blocking Response Page

Chapter 7: Attack Signatures

Defining Attack Signatures

Creating User-Defined Attack Signatures

Defining Attack Signature Sets

Defining Attack Signature Pools

Updating Attack Signatures

Understanding Attack Signatures and Staging

Chapter 8: Positive Security Policy Building

Defining Security Policy Components

Choosing the Learning Scheme

How To Learn: Add All Entities

Staging and Entities: The Entity Lifecycle

How to Learn: Never (Wildcard Only)

How to Learn: Selective

Learning Differentiation: Real Threats or False Positives

Chapter 9: Cookies and Other Headers

ASM Cookies: What to Enforce

Understanding Allowed and Enforced Cookies

Configuring Security Processing on HTTP Headers

Chapter 10: Reporting and Logging

Reporting: Build Your Own View

Brute Force and Web Scraping Statistics

PCI Compliance: PCI-DSS 3.0

Viewing DoS Reports

Generating a Security Events Report

Local Logging Facilities and Destinations

Viewing Current Log Files via Configuration Utility

Logging Profile: Build What You Need

Chapter 11: User Roles and Policy Modification

Defining User Roles

Allowed Object References across Partitions

Partitions Facilitate Administrative Agility

Comparing Security Policies

Merging Security Policies

Editing and Exporting Security Policies

Restoring with Policy History

Examples of ASM Deployment Types

ConfigSync and ASM Security Data

ASMQKVIEW: Provide to F5 Support for Troubleshooting

Chapter 12: Lab Project 1

Chapter 13: Advanced Parameter Handling

Defining Parameter Types

Defining Static Parameters

Defining Dynamic Parameters

Defining Dynamic Parameter Extraction Properties

Defining Parameter Levels

Other Parameter Considerations

Chapter 14: Application-Ready Templates

Templates: Pre-Configured Baseline Security

Chapter 15: Automatic Policy Building

Overview of Automatic Policy Building

Choosing a Policy Type

Defining Trusted and Untrusted IP Addresses

Defining the Learning Score

Chapter 16: Web Application Vulnerability Scanners

Integrating ASM with Vulnerability Scanners

Will Scan be Used for a New or Existing Policy?

Importing Vulnerabilities

Resolving Vulnerabilities

Using the Generic XML Scanner XSD file

Chapter 17: Login Enforcement & Session Tracking

Defining a Login URL

Defining Session Tracking

Configuring Violation Detection Actions

Session Hijacking Mitigation

Fingerprinting Overview

Chapter 18: Brute Force and Web Scraping Mitigation

Defining Anomalies

Mitigating Brute Force Attacks via Login Page

Defining Session-Based Brute Force Protection

Defining Dynamic Brute Force Protection

Defining the Prevention Policy

Mitigating Web Scraping

Defining Geolocation Enforcement

Configuring IP Address Exceptions

Chapter 19: Layer 7 DoS Mitigation

Defining Denial of Service Attacks

Defining DoS Profile General Settings

Defining TPS-based DoS Protection

Defining Operation Mode

Defining Mitigation Methods

Defining Stress-Based Detection

Defining Proactive Bot Defense

Using Bot Signatures

Chapter 20: ASM and iRules

Identifying iRule Components

Defining ASM iRule Commands

Triggering iRules with Events

Defining ASM iRule Events

Using ASM iRule Event Modes

Chapter 21: XML and Web Services

Defining XML

Defining Web Services

Using Web Services Security

Defining the XML Profile

XML Attack Signatures

Chapter 22: Web 2.0 Support: JSON Profiles

Defining Asynchronous JavaScript and XML

Defining JavaScript Object Notation (JSON)

Configuring a JSON Profile

Chapter 23: Review and Final Labs
