This Security Workshop provides participants with an opportunity to experiment with many of the different components of F5’s security solutions in a hands-on lab environment using a real-world application delivery deployment scenario. The goal of the course is to put to practical use the extensive capabilities of the BIG-IP system to safeguard application delivery in today’s growing threat landscape, and to help the audience think differently about application security.
The labs in this workshop are designed to demonstrate how you might deploy some of F5's security solutions to protect applications at different layers of the OSI reference model. The course focuses on some of the features and functionality available in several BIG-IP modules, including:
At the end of this lab, you will be able to use a range of F5 security solutions on the BIG-IP system and on the client to detect, mitigate, and protect from many common attacks and exploits waged against web applications.
This workshop is intended for security and network administrators who are responsible for protecting applications delivered through a BIG-IP system, and who would like a more holistic view of applying F5 solutions to achieve greater application security.
The following F5 Certifications are required:
Working knowledge of and practical experience deploying configurations using one or more of the following BIG-IP modules is required:
This is an advanced workshop and is not designed to teach students how to configure these products in isolation. For practical experience learning how to configure each of these products, we recommend taking any of our Configuring courses first.
The Securing Apps with BIG-IP Solutions v13.1 course presents the same content as v12 with minor modifications to improve flow and updates needed for v13.1 enhancements.
Lab 1: Adding Traffic Management Directional Controls
Lab 2: Adding L3/4 Firewall Protections and Traffic Inspection
Lab 3: Implementing L7 Protections for a Vulnerable Web Application
Lab 4: Protecting DNS Services
Lab 5: Defending Against L4 DoS Attacks at the Global Context
Lab 6: Defending Against L4 DoS Attacks at the Virtual Server Context
Lab 7: Defending Against L7 DoS Attacks
Lab 8: Detecting Client-Side Malware
Lab 9: Deploying Client-Side Application Layer Encryption
Lab 10: Detecting Client-Side Automatic Transaction
Lab 11: Implementing Access Controls
Lab 12: Implementing Multi-Domain Sign-On
Lab 13: Implementing Single Sign-On to Applications
Lab 14: Defending on Your Own Terms