Course outline

F5 BIG-IP Application Security Manager (ASM) v12

Categories: F5 Networks, Guaranteed To Run™

Duration: 4 Days

The BIG-IP Application Security Manager course gives participants a functional understanding of how to deploy, tune, and operate BIG-IP Application Security Manager (ASM) to protect their web applications from HTTP-based attacks.

The course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day.

There are no required F5 technology-specific prerequisites for this course. However, completing one the following before attending would be very helpful for students unfamiliar with BIG-IP: * Administering BIG-IP instructor-led course * F5 Certified BIG-IP Administrator The following web-based courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience: * Getting Started with BIG-IP web-based training * Getting Started with BIG-IP Local Traffic Manager (LTM) web-based training * Getting Started with BIG-IP Application Security Manager (ASM) web-based training The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course: * Web application delivery concepts * HTTP and HTTPS protocols General awareness of web application vulnerabilities such as those defined in the OWASP Top Ten

This course is intended for security and network administrators who will be responsible for the installation, deployment, tuning, and day-to-day maintenance of the Application Security Manager.

  • Setting up the BIG-IP system
  • Traffic processing with BIG-IP LTM
  • Web application concepts
  • Web application vulnerabilities
  • Security policy deployment
  • Security policy tuning
  • Attack signature
  • Positive security building
  • Security cookies and other headers
  • Reporting and logging
  • User roles
  • Policy modification, merging and exporting
  • Advanced parameter handling
  • Using application templates
  • Using Automatic Policy Builder
  • Integrating with web vulnerability scanners
  • Login enforcement and session tracking
  • Web scraping detection and mitigation
  • Layer 7 DoS protection
  • ASM and iRules
  • XML and web services protection
  • AJAX/JSON support
  • Guaranteed to Run™. This ensures you will attend the instructor led class or live online class you want as scheduled without any disruptive cancellations*. You book the training you need, get back to focusing on your job and are sure your training requirements will be met saving time, money and ensuring peace of mind.
  • This schedule icon the schedule indicates that this date/time will be conducted as Instructor Led Training (ILT) or a Virtual Instructor Led Training (VILT) depending on the indicated class availablity.
Privacy and Cookies

This website stores cookies on your computer which help us make the website work better for you.

Learn moreAccept and Close
Social media & sharing icons powered by UltimatelySocial