Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-866-716-6688 Other Contact Options

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:



Learn how to defend against attacks with Application Security Manager.

GK# 9764

Course Overview


In this course, you will learn how to deploy, tune, and operate BIG-IP Application Security Manager (ASM) to protect your web applications from HTTP-based attacks.

The course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day.



  • Delivery Format:
  • Date:
  • Location:
  • Access Period:


What You'll Learn

  • Setting up the BIG-IP system
  • Traffic processing with BIG-IP Local Traffic Manager (LTM)
  • Web application concepts
  • Web application vulnerabilities
  • Security policy deployment
  • Security policy tuning
  • Attack signatures
  • Positive security building
  • Securing cookies and other headers
  • Reporting and logging
  • User roles
  • Policy modification, merging, and exporting
  • Advanced parameter handling
  • Using application templates
  • Using Automatic Policy Builder
  • Integrating with web vulnerability scanners
  • Login enforcement and session tracking
  • Web scraping detection and mitigation
  • Layer 7 DoS protection
  • ASM and iRules
  • XML and Web Services support
  • AJAX and JSON support


Viewing outline for:

Virtual Classroom Live Outline

1. Setting Up the BIG-IP System

  • Introducing the BIG-IP System
  • Initially Setting Up the BIG-IP System
  • Archiving the BIG-IP System Configuration
  • Leveraging F5 Support Resources and Tools
  • Chapter Resources
  • BIG-IP System Setup Labs

2. Traffic Processing with BIG-IP

  • Identifying BIG-IP Traffic Processing Objects
  • Network Packet Flow
  • Profiles
  • Local Traffic Policies and ASM

3. Web Application Concepts

  • Anatomy of a Web Application
  • Overview of Common Security Methods
  • Examining HTTP and Web Application Components
  • Examining HTTP Headers
  • Examining HTTP Responses
  • Examining HTML Components
  • How ASM Parses File Types, URLs, and Parameters
  • Using the Fiddler HTTP Proxy Tool

4. Web Application Vulnerabilities

  • OWASP Top 10 Vulnerabilities

5. Security Policy Deployment

  • Comparing Positive and Negative Security
  • Using the Deployment Wizard
  • Deployment Wizard: Local Traffic Deployment
  • Deployment Wizard: Workflow
  • Reviewing Requests
  • Security Checks offered by Rapid Deployment
  • Configuring Data Guard

6. Policy Tuning and Violations

  • Post-Configuration Traffic Processing
  • Defining False Positives
  • How Violations are Categorized
  • Violation Ratings
  • Enforcement Settings and Staging: Policy Control
  • Defining Signature Staging
  • Defining Enforcement Readiness Period
  • Defining Learning
  • Violations and Learning Suggestions
  • Learning Mode: Automatic or Manual
  • Defining Learn, Alarm and Block Settings
  • Interpreting Enforcement Readiness Summary
  • Configuring the Blocking Response Page

7. Attack Signatures

  • Defining Attack Signatures
  • Creating User-Defined Attack Signatures
  • Attack Signature Normalization
  • Attack Signature Structure
  • Defining Attack Signature Sets
  • Defining Attack Signature Pools
  • Updating Attack Signatures
  • Attack Signatures and Staging

8. Positive Security Policy Building

  • Defining Security Policy Components
  • Choosing an Explicit Entities Learning Scheme
  • How to learn: Add All Entities
  • Staging and Entities: The Entity Lifecycle
  • How to Learn: Never (Wildcard Only)
  • How to Learn: Selective
  • Learning Differentiation: Real Threats vs. False positives

9. Cookies and Other Headers

  • ASM Cookies: What to Enforce
  • Allowed and Enforced Cookies
  • Configuring Security Processing on HTTP Headers

10. Reporting and Logging

  • Reporting Capabilities in ASM
  • Viewing DoS Reports
  • Generating an ASM Security Events Report
  • Viewing Log files and Local Facilities
  • Understanding Logging Profiles

11. User Roles and Policy Modification

  • User Roles and Partitions
  • Comparing Policies
  • Editing and Exporting Security Policies
  • Examples of ASM Deployment Types
  • Overview of ASM Synchronization
  • Collecting Diagnostic Data with asmqkview

12. Lab Project

  • Lab Project 1

13. Advanced Parameter Handling

  • Defining Parameters
  • Defining Static Parameters
  • Dynamic Parameters and Extractions
  • Defining Parameter Levels
  • Attack Signatures and Parameters

14. Application-Ready Templates

  • Application Template Overview

15. Automatic Policy Building

  • Overview of Automatic Policy Building
  • Choosing a Policy Type
  • Defining Policy Building Process Rules
  • Defining the Learning Score

16. Web Application Vulnerability Scanners

  • Integrating ASM with Vulnerability Scanners
  • Importing Vulnerabilities
  • Resolving Vulnerabilities
  • Using the Generic XML Scanner Output

17. Login Enforcement and Session Tracking

  • Defining a Login URL
  • Defining Session Awareness and User Tracking

18. Brute force and Web Scraping Mitigation

  • Defining Anomalies
  • Mitigating Brute Force Attacks
  • Defining Session-Based Brute Force Protection
  • Defining Dynamic Brute Force Protection
  • Defining the Prevention Policy
  • Mitigating Web Scraping
  • Defining Geolocation Enforcement
  • Configuring IP Address Exceptions

19. Layer 7 DoS Mitigation

  • Defining Denial of Service Attacks
  • Defining General Settings L7 DoS Profile
  • Defining TPS-Based DoS Protection
  • Defining Operation Mode
  • Defining Mitigation Methods
  • Defining Stress-Based Detection
  • Defining Proactive Bot Defense
  • Using Bot Signatures

20. ASM and iRules

  • Defining Application Security iRule Events
  • Using ASM iRule Event Modes
  • iRule Syntax
  • ASM iRule Commands

21. XML and Web Services

  • Defining XML
  • Defining Web Services
  • Configuring an XML Profile
  • Schema and WSDL Configuration
  • XML Attack Signatures
  • Using Web Services Security

22. Web 2.0 Support: JSON Profiles

  • Defining Asynchronous JavaScript and XML
  • Defining JavaScript Object Notation
  • Configuring a JSON Profile

23. Review and Final Labs

24. Additional Training and Certification

  • Getting Started Series Web-Based Training
  • F5 Instructor Led Training Curriculum
  • F5 Professional Certification Program


Who Should Attend

  • Security and network administrators who are responsible for the installation, deployment, tuning, and day-to-day maintenance of the Application Security Manager

Follow-On Courses

Course Delivery

This course is available in the following formats:

Virtual Classroom Live

Experience expert-led online training from the convenience of your home, office or anywhere with an internet connection.

Duration: 4 day

Request this course in a different delivery format.