Web Application Firewall

With increase in web threats, there is need to secure the business web applications. Web application firewalls extend beyond traditional firewalls and intrusion detection systems (IDSs) to provide comprehensive protection for business-critical Web applications. Application firewall not only detects the complex Web application attacks of today, but also blocks the attack traffic in real time without affecting the normal flow of business data traffic.

This course is designed for students to detect, mitigate and prevent HTTP based attacks on web applications. Candidates should have basic understanding on ip addressing, routing and switching technologies and web application concepts.

Upon completion of this course, students will be able to:

  • Perform the basic & advance configuration of ASM module including:
    • Web application concepts and vulnerabilities
    • Cookies , attack signatures and security policy deployment
    • Configuring static and dynamic parameter handling
    • Defining real traffic policy builder
    • Configuring login enforcement, session and user tracking
    • Configuring ASM iRules

Module 0 – Basic Initialization &Traffic Processing

  • Introducing load balancer
  • Initially setting up system
  • Identifying load balancer traffic processing objects
  • Understanding on network packet flow
  • Overview of local traffic policies and ASM

Module 1 – Web Application concepts

  • HTTP and web application components
  • HTTP headers
  • HTTP responses
  • HTML components
  • Parsing on file types and URLS using ASM
  • Overview of top 10 web application vulnerabilities

Module2 –   Security policy and attack signature deployment

  • Understanding on positive and negative security model
  • Defining security policy components
  • Understanding selective mode
  • Security policy building
  • Understanding attack signatures and staging
  • Defining attack signatures
  • Attack signature features
  • Updating attack signatures

Module3 – Cookies and other headers

  • Purposes of ASM Cookies
  • Understanding Allowed and Enforced Cookies
  • Configuring security processing on HTTP headers

Module 4 – Advanced parameter handling and policy builder

  • Defining parameters
  • Configuration of static and dynamic parameters
  • Policy types
  • Real traffic policy builder rules

Module 5 – Anomaly Detection

  • Defining Anomaly Detection
  • Preventing Brute Force Attacks
  • Preventing Web Scraping
  • Geolocation Enforcement
  • Configuring IP Address Exceptions

Module 7 – Login Enforcement, Session tracking, and Flows

  • Defining Login Pages
  • Configuring Login Enforcement
  • Configuring session and user tracking
  • Defining Flows
  • Configuring Flow Control