
Explore full proxy in BIG-IP, SSL interception with ASM, and deny-by-default security. Learn initial setup: licensing, management IP, and module provisioning.
Learn how the F5 Big-IP WAF defends web applications at each HTTP stage by inspecting requests, responses, headers, and URL components, and enforcing PCI, bot, DDoS, and attack-signature protections.
Explore how violations threaten web apps, define entities and items, set learn, allow, or block actions, and apply automatic learning with staging and enforcement.
Explore how attack signatures detect web threats by matching request content and parameters against patterns in F5 BIG-IP. Create and deploy custom signatures within attack signature sets and policies.
Explore building a positive security policy in the F5 BIG-IP WAF by whitelisting file types, URLs, and parameters, and transitioning from learning to blocking mode.
Explore learning methods in F5 BIG-IP labs—never, always, and selective—and learn how to configure file types, URLs, and parameters with wildcard attributes and learning suggestions.
Learn how the learning score drives compact learning mode in F5 BIG-IP, using trusted IPs and multiple sources to generate learning suggestions and fast policy building.
Learn to secure server cookies against session tampering using enforced cookies and hashing with ASM, and strengthen HTTP header security with attack signatures and normalization.
Learn how to enforce login to block unauthorized access to sensitive URLs, using login pages and authentication methods such as HTML form, HTTP basic, and HTTP digest, plus enforcement policies.
Enable session awareness in BIG-IP ASM, identify users by username, device ID, IP, or cookies, and apply block, log, or delay blocking actions. Enforce attack signatures and monitor session status.
Configure geolocation enforcement and manage IP addresses in security policies, including not assigned geolocations and anonymous proxies, plus IP address exceptions, trusted IP, and learning and blocking settings.
Learn how to handle parameters securely by distinguishing user input, static, and dynamic parameters; detect tampering with dynamic parameters and apply positive and negative security models in a BIG-IP policy.
Create a vulnerability assessment policy using a supported web scanner, import the XML results, and apply mitigations in the F5 BIG-IP module to stop vulnerabilities.
Learn iRules with ASM in BIG-IP 16.1: Tcl-based rules that steer client traffic by event, conditions, and actions, with normal and compatibility modes and ASM events.
Build and enforce a comprehensive F5 BIG-IP WAF policy using automatic learning and a trusted IP to protect a web app from Kali Linux attacks.
Learn how F5 ASM WAF defends against HTML injection, XSS, SQL injection, and OS command injection by applying attack signatures, checking parameters, and enforcing blocking under positive and negative security models.
Protect web apps from session tampering by countering CSRF and session hijacking with F5 BIG-IP ASM WAF. Learn to mitigate CSRF, enforce cookie protections, and apply device-ID-based defenses.
Practice preventing brute force attacks on a web application by comparing the Hydra (Kali Linux) and Burp Suite tools, applying login enforcement, and configuring brute force protection with the ASM module.
In this first portion of the course (Complete F5 Technical & Practical Training For The Main Three Modules Of F5 (LTM, ASM & DNS "GTM")), we will tackle the main topics needed to secure a web application through the ASM "Application Security Manager" module of F5.
In the first section, we will give an overview of the ASM module and the theory of the web application firewall, cover the main attack types that we can secure against, and finally tackle the main OWASP Top 10 vulnerabilities of any web application.
In the second section, we'll become familiar with how the ASM learning methodology works and how we can tune the policy according to the learning results.
In the third section, we'll understand deeply the concept of automatic learning and how we can create a policy in automatic mode so that ASM accepts learning suggestions without any intervention from the administrator.
Then, we'll take a deep look into the main objects to secure in the web application against some popular attacks (brute force attacks, DoS attacks, bot attacks and others).
After that, we'll see how to work with parameters of all types inside the web application (static parameters and dynamic parameters).
Finally, we'll configure some features related to the administration of the ASM module, and see how to configure logging and how to generate reports.