Learn the Skills to Configure the BIG-IP ASM: Application Security Manager Course

Download Course Contents

Configuring BIG-IP ASM: Application Security Manager Course Overview


Configuring BIG-IP ASM: Application Security Manager is an online course designed to teach students how to secure their applications from attacks through the use of BIG-IP Application Security Manager (ASM). The course covers topics such as installation, configuration, basic troubleshooting, and velocity scripting. Participants will learn how to configure BIG-IP ASM to protect their web applications against common attack vectors and understand the best practices for deployment and maintenance of ASM. They will also gain an understanding of the importance of flexible application security policies and techniques to protect data and privacy. After completing the course, participants will have the skills to configure and maintain their own secure web applications.

This is a Rare Course and it can be take up to 3 weeks to arrange the training.

Configuring BIG-IP ASM: Application Security Manager
home-icon

The 1-on-1 Advantage

Get 1-on-1 session with our expert trainers at a date & time of your convenience.
home-icon

Flexible Dates

Start your session at a date of your choice-weekend & evening slots included, and reschedule if necessary.
home-icon

4-Hour Sessions

Training never been so convenient- attend training sessions 4-hour long for easy learning.
home-icon

Destination Training

Attend trainings at some of the most loved cities such as Dubai, London, Delhi(India), Goa, Singapore, New York and Sydney.

You will learn:

Module 1: Setting Up the BIG-IP System
  • Introducing the BIG-IP System
  • Initially Setting Up the BIG-IP System
  • Archiving the BIG-IP System Configuration
  • Leveraging F5 Support Resources and Tools
  • Identifying BIG-IP Traffic Processing Objects
  • Overview of Network Packet Flow
  • Understanding Profiles
  • Overview of Local Traffic Policies
  • Visualizing the HTTP Request Flow
  • Overview of Web Application Request Processing
  • Web Application Firewall: Layer 7 Protection
  • ASM Layer 7 Security Checks
  • Overview of Web Communication Elements
  • Overview of the HTTP Request Structure
  • Examining HTTP Responses
  • How ASM Parses File Types, URLs, and Parameters
  • Using the Fiddler HTTP Proxy
  • A Taxonomy of Attacks: The Threat Landscape
  • What Elements of Application Delivery are Targeted?
  • Common Exploits Against Web Applications
  • Defining Learning
  • Comparing Positive and Negative Security Models
  • The Deployment Workflow
  • Policy Type: How Will the Policy Be Applied
  • Policy Template: Determines the Level of Protection
  • Policy Templates: Automatic or Manual Policy Building
  • Assigning Policy to Virtual Server
  • Deployment Workflow: Using Advanced Settings
  • Selecting the Enforcement Mode
  • The Importance of Application Language
  • Configure Server Technologies
  • Verify Attack Signature Staging
  • Viewing Requests
  • Security Checks Offered by Rapid Deployment
  • Defining Attack Signatures
  • Using Data Guard to Check Responses
  • Post-Deployment Traffic Processing
  • Defining Violations
  • Defining False Positives
  • How Violations are Categorized
  • Violation Rating: A Threat Scale
  • Defining Staging and Enforcement
  • Defining Enforcement Mode
  • Defining the Enforcement Readiness Period
  • Reviewing the Definition of Learning
  • Defining Learning Suggestions
  • Choosing Automatic or Manual Learning
  • Defining the Learn, Alarm and Block Settings
  • Interpreting the Enforcement Readiness Summary
  • Configuring the Blocking Response Page
  • Defining Attack Signatures
  • Attack Signature Basics
  • Creating User-Defined Attack Signatures
  • Defining Simple and Advanced Edit Modes
  • Defining Attack Signature Sets
  • Defining Attack Signature Pools
  • Understanding Attack Signatures and Staging
  • Updating Attack Signatures
  • Defining and Learning Security Policy Components
  • Defining the Wildcard
  • Defining the Entity Lifecycle
  • Choosing the Learning Scheme
  • How to Learn: Never (Wildcard Only)
  • How to Learn: Always
  • How to Learn: Selective
  • Reviewing the Enforcement Readiness Period: Entities
  • Viewing Learning Suggestions and Staging Status
  • Violations Without Learning Suggestions
  • Defining the Learning Score
  • Defining Trusted and Untrusted IP Addresses
  • How to Learn: Compact
  • ASM Cookies: What to Enforce
  • Defining Allowed and Enforced Cookies
  • Configuring Security Processing on HTTP headers
  • Overview: Big Picture Data
  • Reporting: Build Your Own View
  • Reporting: Chart based on filters
  • Brute Force and Web Scraping Statistics
  • Viewing ASM Resource Reports
  • PCI Compliance: PCI-DSS 3.0
  • The Attack Expert System
  • Viewing Traffic Learning Graphs
  • Local Logging Facilities and Destinations
  • How to Enable Local Logging of Security Events
  • Viewing Logs in the Configuration Utility
  • Exporting Requests
  • Logging Profiles: Build What You Need
  • Configuring Response Logging
  • Lab Project
  • Defining Parameter Types
  • Defining Static Parameters
  • Defining Dynamic Parameters
  • Defining Dynamic Parameter Extraction Properties
  • Defining Parameter Levels
  • Other Parameter Considerations
  • Comparing Security Policies with Policy Diff
  • Merging Security Policies
  • Editing and Exporting Security Policies
  • Restoring with Policy History
  • Examples of ASM Deployment Types
  • ConfigSync and ASM Security Data
  • ASMQKVIEW: Provide to F5 Support for Troubleshooting
  • Application Templates: Pre-Configured Baseline Security
  • Overview of Automatic Policy Building
  • Defining Templates Which Automate Learning
  • Defining Policy Loosening
  • Defining Policy Tightening
  • Defining Learning Speed: Traffic Sampling
  • Defining Track Site Changes
  • Integrating Scanner Output Into ASM
  • Will Scan be Used for a New or Existing Policy?
  • Importing Vulnerabilities
  • Resolving Vulnerabilities
  • Using the Generic XML Scanner XSD file
  • Defining a Parent Policy
  • Defining Inheritance
  • Parent Policy Deployment Use Cases
  • Defining Login Pages
  • Configuring Automatic Detection of Login Pages
  • Defining Session Tracking
  • What Are Brute Force Attacks?
  • Brute Force Protection Configuration
  • Defining Source-Based Protection
  • Source-Based Brute Force Mitigations
  • Defining Session Tracking
  • Configuring Actions Upon Violation Detection
  • Session Hijacking Mitigation Using Device ID
  • Defining Web Scraping
  • Mitigating Web Scraping
  • Defining Geolocation Enforcement
  • Configuring IP Address Exceptions
  • Defining Denial of Service Attacks
  • The General Flow of DoS Protection
  • Defining the DoS Profile
  • Overview of TPS-based DoS Protection
  • Applying TPS mitigations
  • Create a DoS Logging Profile
  • Defining DoS Profile General Settings
  • Defining Bot Signatures
  • Defining Proactive Bot Defense
  • Defining Behavioral and Stress-Based Detection
  • Defining Behavioral DoS Mitigation
  • Common Uses for iRules
  • Identifying iRule Components
  • Triggering iRules with Events
  • Defining ASM iRule Events
  • Defining ASM iRule Commands
  • Using ASM iRule Event Modes
  • Defining Asynchronous JavaScript and XML
  • Defining JavaScript Object Notation (JSON)
  • Defining Content Profiles
  • The Order of Operations for URL Classification
  • Final Lab Project (Option 1) – Production Scenario
  • Final Lab Project (Option 2) – JSON Parsing with the Default JSON Profile
  • Final Lab Project (Option 3) – Managing Traffic with Layer 7 Local Traffic Policies
Live Online Training (Duration : 40 Hours) Fee On Request
We Offer :
  • 1-on-1 Public - Select your own start date. Other students can be merged.
  • 1-on-1 Private - Select your own start date. You will be the only student in the class.

4 Hours
8 Hours
Week Days
Weekend

Start Time : At any time

12 AM
12 PM

1-On-1 Training is Guaranteed to Run (GTR)
Group Training
Date On Request
Configuring BIG-IP ASM: Application Security Manager
Course Prerequisites

The Configuring BIG-IP ASM: Application Security Manager Training course is designed for persons who are familiar with the following:
• Unix/Linux command line experience
• Basic networking concepts
• Web technologies, web languages, and web application vulnerability
• Familiarity with General Data Protection Regulation (GDPR)
• Knowledge of F5 Networks' BIG-IP family of products
• Background in security engineering and security incident management
• Web application firewall (WAF) technologies, such as the variants of WAF (OWASP ModSecurity Core Rules Set (CRS), ModSecurity rules, and other F5 WAF technologies)

Target Audience


The target audience for the Configuring BIG-IP ASM: Application Security Manager training is IT professionals who need to secure web applications
This includes security analysts, security architects, security engineers, and web application administrators
This training will provide the necessary skills for professionals to configure BIG-IP ASM to help protect web applications from external threats, malicious attacks, and vulnerabilities
The course will also provide an understanding of how to use the tools in BIG-IP ASM, such as advanced security checks, threat mitigation settings, and adaptive learning features
This course is also beneficial for developers or IT teams looking to understand the process of hardening web applications

Learning Objectives of Configuring BIG-IP ASM: Application Security Manager


1. Learn how to identify and secure web applications from threats on the BIG-IP Application Security Manager (ASM).
2. Develop skills in configuring ASM to protect against both known and emerging threats.
3. Gain an understanding of how to apply security policy decisions based on criteria such as rules, signatures, malicious activities, and user access.
4. Develop the ability to monitor and report on application and system performance to ensure optimal uptime and security.
5. Understand how to respond to threats quickly and effectively and how to integrate ASM into existing security policies and frameworks.
6. Learn how to implement advanced security techniques to defeat sophisticated attacks such as SQL injection and cross-site scripting.
7. Create an emergency response strategy to identify, respond to, and recover from security breaches.
8. Develop a plan on how to maintain, upgrade, and troubleshoot the BIG-IP ASM environment.

FAQ's

Yes, course requiring practical include hands-on labs.
You can buy online from the page by clicking on "Buy Now". You can view alternate payment method on payment options page.
Yes, you can pay from the course page and flexi page.
Yes, the site is secure by utilizing Secure Sockets Layer (SSL) Technology. SSL technology enables the encryption of sensitive information during online transactions. We use the highest assurance SSL/TLS certificate, which ensures that no unauthorized person can get to your sensitive payment data over the web.
We use the best standards in Internet security. Any data retained is not shared with third parties.
You can request a refund if you do not wish to enroll in the course.
To receive an acknowledgment of your online payment, you should have a valid email address. At the point when you enter your name, Visa, and other data, you have the option of entering your email address. Would it be a good idea for you to decide to enter your email address, confirmation of your payment will be emailed to you.
After you submit your payment, you will land on the payment confirmation screen.It contains your payment confirmation message. You will likewise get a confirmation email after your transaction is submitted.
We do accept all major credit cards from Visa, Mastercard, American Express, and Discover.
Credit card transactions normally take 48 hours to settle. Approval is given right away; however,it takes 48 hours for the money to be moved.
Yes, we do accept partial payments, you may use one payment method for part of the transaction and another payment method for other parts of the transaction.
Yes, if we have an office in your city.
Yes, we do offer corporate training More details
Yes, we do.
Yes, we also offer weekend classes.
Yes, Koenig follows a BYOL(Bring Your Own Laptop) policy.
It is recommended but not mandatory. Being acquainted with the basic course material will enable you and the trainer to move at a desired pace during classes.You can access courseware for most vendors.
Yes, this is our official email address which we use if a recipient is not able to receive emails from our @koenig-solutions.com email address.
Buy-Now. Pay-Later option is available using credit card in USA and India only.
You will receive the digital certificate post training completion via learning enhancement tool after registration.
Yes you can.
Yes, we do. For details go to flexi
You can pay through debit/credit card or bank wire transfer.
Yes you can request your customer experience manager for the same.
1-on-1 Public - Select your start date. Other students can be merged.
1-on-1 Private - Select your start date. You will be the only student in the class.
Yes, fee excludes local taxes.
Yes, we do.
Schedule for Group Training is decided by Koenig. Schedule for 1-on-1 is decided by you.
In 1 on 1 Public you can select your own schedule, other students can be merged. Choose 1-on-1 if published schedule doesn't meet your requirement. If you want a private session, opt for 1-on-1 Private.
Duration of Ultra-Fast Track is 50% of the duration of the Standard Track. Yes(course content is same).

Prices & Payments

Yes of course.
Yes, We are

Travel and Visa

Yes we do after your registration for course.

Food and Beverages

Yes.

Others

Says our CEO-
“It is an interesting story and dates back half a century. My father started a manufacturing business in India in the 1960's for import substitute electromechanical components such as microswitches. German and Japanese goods were held in high esteem so he named his company Essen Deinki (Essen is a well known industrial town in Germany and Deinki is Japanese for electric company). His products were very good quality and the fact that they sounded German and Japanese also helped. He did quite well. In 1970s he branched out into electronic products and again looked for a German name. This time he chose Koenig, and Koenig Electronics was born. In 1990s after graduating from college I was looking for a name for my company and Koenig Solutions sounded just right. Initially we had marketed under the brand of Digital Equipment Corporation but DEC went out of business and we switched to the Koenig name. Koenig is difficult to pronounce and marketeers said it is not a good choice for a B2C brand. But it has proven lucky for us.” – Says Rohit Aggarwal (Founder and CEO - Koenig Solutions)
All our trainers are fluent in English . Majority of our customers are from outside India and our trainers speak in a neutral accent which is easily understandable by students from all nationalities. Our money back guarantee also stands for accent of the trainer.
Medical services in India are at par with the world and are a fraction of costs in Europe and USA. A number of our students have scheduled cosmetic, dental and ocular procedures during their stay in India. We can provide advice about this, on request.
Yes, if you send 4 participants, we can offer an exclusive training for them which can be started from Any Date™ suitable for you.