F5 Advanced Web Application Firewall (AWAF)


Course Overview

The F5 Advanced Web Application Firewall (WAF) provides a powerful set of security features that keep your web applications safe from attack. Many WAFs offer only a basic level of protection against attacks at the upper layers of the OSI stack; the F5 Advanced WAF goes further with the following features:

  • Proactive Bot Protection: Proactively defend your applications against automated attacks by bots and other attack tools, preventing layer 7 DoS attacks, web scraping, and brute-force attacks. Proactive Bot Defense identifies and mitigates these attacks before they damage the site.
  • DataSafe: Protect sensitive information from interception by encrypting it while it is still in the browser. DataSafe encrypts form data at the application layer to defeat malware and keyloggers, so that credentials or data captured on a compromised client are useless to the attacker.
  • Behavioral DoS: Provides automatic protection against DDoS attacks by analyzing traffic behavior with machine learning and data analysis. By continuously monitoring server health and load, it detects anomalies (performance slowdowns or traffic spikes) and mitigates them as needed.
  • Flexible Deployment: Available as a purpose-built appliance, a cloud-ready virtual appliance, or as part of the F5 Silverline service.

Objectives

The BIG-IP Advanced Web Application Firewall (WAF) training covers all the features described above. Throughout the training you will also deploy and configure a BIG-IP with the Advanced WAF module to secure a web application against a range of threats. Among other things, you will learn how to:

  • Mitigate credential stuffing using Advanced WAF
  • Use DataSafe to secure a login URL
  • Mitigate bots using L7 Behavioral DoS (BaDoS)

Content

Chapter 1: Threat Overview

  • a. Differentiate client-side and application-side vulnerabilities
  • b. Definition of F5 Advanced WAF
  • Lab 1.1: Advanced WAF license check/DataSafe/ASM provisioning
  • c. Definition of Advanced WAF-related configuration objects
  • Lab 1.2: Guided Configuration for Web Application Security (Creates rapid deployment based policy, transparent enforcement mode, generic attack signature set, logging profile, application language, virtual server, pool, and node.)

Chapter 2: Securing HTTP Traffic

  • a. HTTP request/response overview (brief)
  • b. How Advanced WAF parses the request
  • c. Reviewing Requests in Advanced WAF (define legal requests, review logging profile)
  • Lab 2.1: Fiddler lab (normal traffic to virtual server, i.e. /Login.php)
  • d. Identify headers
  • e. Identify methods
  • f. Identify POST data (username and password in the payload)
  • g. Locate legal requests, view source/destination IP, request status
  • h. Overview of application side vulnerabilities
  • Lab 2.3: Explore Vulnerabilities and Violations
  • i. Use Fiddler to send an OPTIONS request (remove the Fiddler User-Agent header)
  • j. nmap -sV --script=http-php-version 10.10.X.102 (reveals the server and PHP version)

Chapter 3: Policy Tuning

  • a. Handling learning suggestions
  • b. Enforcing attack signatures
  • c. Overview of file types (add a disallowed file type to prevent access to .txt files)
  • d. Policy enforcement
  • Lab 3.1: Mitigate vulnerabilities

Chapter 4: Threat Campaigns

  • a. Review attack signatures/regex example
  • b. Define Threat Campaigns in the context of accuracy
  • Lab 4.1: Trigger a Threat Campaign (a short lab, about 5 minutes, in which a request matching a signature from a PHP Threat Campaign set is sent and the resulting violation reviewed)
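The following is an added worked example and is not part of the course material, nor F5's own request parser or signature set. It is a small Python model of the checks Chapters 2 through 4 walk through: parse a raw HTTP request into method, headers, query and POST fields (Chapter 2), enforce a method allowlist and a disallowed ".txt" file type (Chapter 3), and match parameter values against regex attack signatures (Chapter 4a). The host name, the sample requests and the two signatures are constructed for the example; a real Advanced WAF policy has far more objects (parameters, URLs, cookies, character sets) than this toy covers.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Policy settings mirroring the outline: a method allowlist, the ".txt"
# disallowed file type from Chapter 3, and two illustrative signatures in the
# spirit of Chapter 4a. These are assumptions for the example, not F5's set.
ALLOWED_METHODS = {"GET", "POST"}
DISALLOWED_FILE_TYPES = {"txt"}
ATTACK_SIGNATURES = {
    "SQLi tautology": re.compile(r"'\s*or\s+\d+\s*=\s*\d+", re.I),
    "XSS script tag": re.compile(r"<\s*script\b", re.I),
}


def parse_request(raw: bytes) -> dict:
    """Split a raw HTTP/1.1 request into method, path, query, headers and POST fields."""
    head, _, body = raw.partition(b"\r\n\r\n")
    request_line, *header_lines = head.decode("latin-1").split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    url = urlsplit(target)
    post = {}
    if headers.get("content-type", "").startswith("application/x-www-form-urlencoded"):
        post = {k: v[0] for k, v in
                parse_qs(body.decode("latin-1"), keep_blank_values=True).items()}
    return {
        "method": method,
        "path": url.path,
        "query": parse_qs(url.query, keep_blank_values=True),
        "headers": headers,
        "post": post,
    }


def file_type(path: str) -> str:
    """Extension of the last path segment, lowercased; '' when there is none."""
    name = path.rsplit("/", 1)[-1]
    return name.rsplit(".", 1)[1].lower() if "." in name else ""


def check_request(req: dict) -> list:
    """Return the violations a transparent-mode policy would log for this request."""
    violations = []
    if req["method"] not in ALLOWED_METHODS:
        violations.append(f"Illegal method: {req['method']}")
    ext = file_type(req["path"])
    if ext in DISALLOWED_FILE_TYPES:
        violations.append(f"Illegal file type: .{ext}")
    # Every parameter value, in the query string or the POST body, is scanned.
    values = [v for vs in req["query"].values() for v in vs] + list(req["post"].values())
    for sig_name, pattern in ATTACK_SIGNATURES.items():
        if any(pattern.search(v) for v in values):
            violations.append(f"Attack signature matched: {sig_name}")
    return violations


def form_post(path: str, body: str) -> bytes:
    """Build a constructed form POST to the hypothetical host www.example.test."""
    return (f"POST {path} HTTP/1.1\r\nHost: www.example.test\r\n"
            f"User-Agent: Mozilla/5.0\r\n"
            f"Content-Type: application/x-www-form-urlencoded\r\n"
            f"Content-Length: {len(body)}\r\n\r\n{body}").encode("latin-1")


# Constructed sample traffic (not captured from a real lab).
LEGAL_LOGIN = form_post("/Login.php", "username=alice&password=s3cret")
SQLI_LOGIN = form_post("/Login.php", "username=%27+or+1%3D1--&password=s3cret")
OPTIONS_PROBE = b"OPTIONS / HTTP/1.1\r\nHost: www.example.test\r\n\r\n"
TXT_FETCH = b"GET /robots.txt HTTP/1.1\r\nHost: www.example.test\r\n\r\n"
XSS_SEARCH = (b"GET /search.php?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1\r\n"
              b"Host: www.example.test\r\n\r\n")

if __name__ == "__main__":
    samples = [("legal login", LEGAL_LOGIN), ("OPTIONS probe", OPTIONS_PROBE),
               ("txt fetch", TXT_FETCH), ("SQLi login", SQLI_LOGIN),
               ("XSS search", XSS_SEARCH)]
    for label, raw in samples:
        req = parse_request(raw)
        print(f"{label:14} {req['method']:8} {req['path']:14}",
              check_request(req) or "legal")
```

The legal login request passes cleanly, which is the point of the Fiddler lab in Chapter 2: the policy should see the username and password as ordinary POST parameters and log no violation. The other four each trigger exactly one of the checks, so the same harness can be used to confirm that a policy change (say, adding a file type) affects only the request class it was meant to.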

Chapter 5: Mitigating Credential Stuffing

  • a. Overview of Credential Stuffing
  • b. Credential stuffing configuration (requires security policy and logon page.)
  • Lab 5.1: Mitigate Credential Stuffing using Advanced WAF

Chapter 6: DataSafe and Layer 7 Encryption/Obfuscation

  • a. Overview of DOM vulnerabilities
  • b. DataSafe anti-fraud profile configuration
  • Lab 6.1: Use DataSafe to Secure a Login URL

Chapter 7: Layer 7 Behavioral DoS

  • a. Overview of Proactive Bot Defense
  • b. Definition of dynamic bot signatures
  • c. Security Guided Setup for Behavioral Analysis DoS (the guided setup does not currently create a DoS logging profile; this must be configured after the guided setup completes)
  • Lab 7.1: Mitigate bots using L7 BaDoS

Classroom training

Duration: 1 day

Price (excl. VAT)
  • France (FR): €995

No session is currently scheduled. Request a date