Configuring BIG-IP ASM: Application Security Manager Course Overview

Configuring BIG-IP ASM: Application Security Manager Course Overview

The "Configuring BIG-IP ASM: Application Security Manager" course is designed to educate learners on how to protect web applications from a wide array of security threats using the F5 BIG-IP Application Security Manager (ASM). It covers the setup of the BIG-IP system, understanding web application concepts, recognizing vulnerabilities, and deploying security policies. By going through modules on traffic processing, policy tuning, attack signatures, and reporting, learners will gain a comprehensive understanding of web application firewall configurations and mitigation techniques.

The course will help learners become proficient in creating and managing ASM security policies, integrating vulnerability scanner outputs, mitigating web scraping, handling layer 7 DoS attacks, and leveraging advanced bot protection. It also delves into policy administration, parameter handling, and the use of F5 iRules for customized control. Through hands-on lab projects, participants will have practical experience in applying their knowledge to real-world scenarios. Overall, this course prepares learners to effectively secure applications using BIG-IP ASM, enhancing their abilities in web application security and networking.

Purchase This Course

1,700

  • Live Training (Duration : 40 Hours)
  • Per Participant
  • Guaranteed-to-Run (GTR)
  • date-img
  • date-img

♱ Excluding VAT/GST

Classroom Training price is on request

You can request classroom training in any city on any date by Requesting More Information

  • Live Training (Duration : 40 Hours)
  • Per Participant

♱ Excluding VAT/GST

Classroom Training price is on request

You can request classroom training in any city on any date by Requesting More Information

Request More Information

Email:  WhatsApp:

Koenig's Unique Offerings

Course Prerequisites

To ensure a successful learning experience in the Configuring BIG-IP ASM: Application Security Manager course, it is recommended that participants have the following minimum prerequisites:


  • Understanding of basic networking concepts and terminology, including OSI model, TCP/IP, and routing and switching.
  • Familiarity with web application terminology and architecture, including how web servers and browsers interact using HTTP and HTTPS.
  • Basic knowledge of web application vulnerabilities and security concepts, such as SQL injection, cross-site scripting (XSS), and other common threats.
  • Experience with common network and web protocols, as well as the ability to interpret and modify network traffic using tools like Fiddler or Wireshark.
  • Administrative experience with BIG-IP, including initial setup and basic configuration tasks.

Please note that these prerequisites are designed to ensure you have a foundational understanding that will allow you to fully grasp the course content. Previous experience with F5 products is beneficial but not mandatory. With the right motivation and willingness to learn, we are committed to helping you succeed in this course and deepen your understanding of application security management.


Target Audience for Configuring BIG-IP ASM: Application Security Manager

The "Configuring BIG-IP ASM" course equips IT professionals with skills to secure web applications using F5's ASM.


  • Network Security Engineers
  • Application Security Specialists
  • System Administrators managing F5 BIG-IP environments
  • Security Operations (SecOps) personnel
  • Infrastructure Architects focusing on security solutions
  • IT Professionals involved in cybersecurity measures
  • Network Administrators seeking to enhance web application security
  • F5 Technology Specialists and Consultants
  • Security Analysts responsible for application security
  • DevOps Engineers interested in security automation
  • IT Managers overseeing network and application security
  • Technical Support Engineers for F5 products
  • Compliance Officers managing web application compliance standards


Learning Objectives - What you will Learn in this Configuring BIG-IP ASM: Application Security Manager?

Introduction to Learning Outcomes

Gain expertise in securing web applications with F5's BIG-IP Application Security Manager (ASM). This course provides skills in traffic processing, policy creation, and attack mitigation.

Learning Objectives and Outcomes

  • Understanding BIG-IP System Setup: Learn to configure and archive settings and utilize F5 support resources.
  • Traffic Processing and Profiles: Grasp the functionality of BIG-IP traffic processing objects and the flow of network packets, including HTTP request processing.
  • Web Application Firewall (WAF) Configuration: Understand how to deploy and manage ASM as a WAF, providing Layer 7 security.
  • Security Policy Deployment and Tuning: Learn to deploy security policies using various models, configure attack signatures, and tune policies to minimize false positives.
  • Identification and Handling of Common Web Vulnerabilities: Recognize common exploits and vulnerabilities in web applications and address them with ASM.
  • Attack Signature Management: Define, update, and manage attack signatures to protect against known threats.
  • Positive Security Policy Building: Build and manage a positive security model, learning how to enforce legitimate behavior and block malicious activities.
  • Integration with Vulnerability Scanners: Learn to integrate output from web application vulnerability scanners into the ASM for enhanced security.
  • Advanced Threat Protection: Configure mitigation techniques for Layer 7 DoS attacks, brute force attacks, web scraping, and bot protection.
  • Policy Administration with iRules and Content Profiles: Utilize iRules for customized traffic interception and create content profiles for modern web applications (AJAX, JSON).

These objectives aim to equip students with the skills necessary to effectively secure applications using BIG-IP ASM, ensuring comprehensive protection against a wide range of web application threats.

Target Audience for Configuring BIG-IP ASM: Application Security Manager

The "Configuring BIG-IP ASM" course equips IT professionals with skills to secure web applications using F5's ASM.


  • Network Security Engineers
  • Application Security Specialists
  • System Administrators managing F5 BIG-IP environments
  • Security Operations (SecOps) personnel
  • Infrastructure Architects focusing on security solutions
  • IT Professionals involved in cybersecurity measures
  • Network Administrators seeking to enhance web application security
  • F5 Technology Specialists and Consultants
  • Security Analysts responsible for application security
  • DevOps Engineers interested in security automation
  • IT Managers overseeing network and application security
  • Technical Support Engineers for F5 products
  • Compliance Officers managing web application compliance standards


Learning Objectives - What you will Learn in this Configuring BIG-IP ASM: Application Security Manager?

Introduction to Learning Outcomes

Gain expertise in securing web applications with F5's BIG-IP Application Security Manager (ASM). This course provides skills in traffic processing, policy creation, and attack mitigation.

Learning Objectives and Outcomes

  • Understanding BIG-IP System Setup: Learn to configure and archive settings and utilize F5 support resources.
  • Traffic Processing and Profiles: Grasp the functionality of BIG-IP traffic processing objects and the flow of network packets, including HTTP request processing.
  • Web Application Firewall (WAF) Configuration: Understand how to deploy and manage ASM as a WAF, providing Layer 7 security.
  • Security Policy Deployment and Tuning: Learn to deploy security policies using various models, configure attack signatures, and tune policies to minimize false positives.
  • Identification and Handling of Common Web Vulnerabilities: Recognize common exploits and vulnerabilities in web applications and address them with ASM.
  • Attack Signature Management: Define, update, and manage attack signatures to protect against known threats.
  • Positive Security Policy Building: Build and manage a positive security model, learning how to enforce legitimate behavior and block malicious activities.
  • Integration with Vulnerability Scanners: Learn to integrate output from web application vulnerability scanners into the ASM for enhanced security.
  • Advanced Threat Protection: Configure mitigation techniques for Layer 7 DoS attacks, brute force attacks, web scraping, and bot protection.
  • Policy Administration with iRules and Content Profiles: Utilize iRules for customized traffic interception and create content profiles for modern web applications (AJAX, JSON).

These objectives aim to equip students with the skills necessary to effectively secure applications using BIG-IP ASM, ensuring comprehensive protection against a wide range of web application threats.