Live Chat
Monday - Friday 8am - 6pm EST Chat Now
Contact Us
Monday - Friday 8am - 8pm EST 1-800-268-7737 Other Contact Options

Cart () Loading...

    • Quantity:
    • Delivery:
    • Dates:
    • Location:


F5 Configuring BIG-IP ASM: Application Security Manager Training v13

Learn how to defend against attacks with Application Security Manager.

GK# 9764

Course Overview


In this course, you will learn how to deploy, tune, and operate BIG-IP Application Security Manager (ASM) to protect your web applications from HTTP-based attacks.

The course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day.



  • Delivery Format:
  • Date:
  • Location:
  • Access Period:


Class is Full
This session is full. Please select a different session.

What You'll Learn

  • Setting up the BIG-IP system
  • Traffic processing with BIG-IP Local Traffic Manager (LTM)
  • Web application concepts
  • Web application vulnerabilities
  • Security policy deployment
  • Security policy tuning
  • Attack signatures
  • Positive security building
  • Securing cookies and other headers
  • Reporting and logging
  • User roles
  • Policy modification, merging, and exporting
  • Advanced parameter handling
  • Using application templates
  • Using Automatic Policy Builder
  • Integrating with web vulnerability scanners
  • Login enforcement and session tracking
  • Web scraping detection and mitigation
  • Using Parent and Child policies
  • Layer 7 DoS protection
  • ASM and iRules
  • Using Content Profiles for AJAX and JSON applications


Viewing outline for:

Classroom Live Outline

Chapter 1: Setting Up the BIG-IP System

  • Introducing the BIG-IP System
  • Initially Setting Up the BIG-IP System
  • Archiving the BIG-IP System Configuration
  • Leveraging F5 Support Resources and Tools

Chapter 2: Traffic Processing with BIG-IP

  • Identifying BIG-IP Traffic Processing Objects
  • Overview of Network Packet Flow
  • Understanding Profiles
  • Overview of Local Traffic Policies and ASM
  • HTTP Request Flow
  • Chapter Resources

Chapter 3: Web Application Concepts

  • Overview of Web Application Request Processing
  • Web Application are Vulnerable Even with SSL
  • Layer 7 Protection with Web Application Firewalls
  • Overview of Web Communication Elements
  • Parsing URLs
  • Overview of the HTTP Request Structure
  • Method: Perform Actions on a Server
  • HTTP Methods ASM Accepts by Default
  • Comparing POST with GET
  • Risks Within Other Methods
  • Methods Enforcement for URLs
  • HTTP Response Codes
  • Examining HTTP Responses
  • HTTP User Input Forms: Free Text Input
  • User Input Forms: Free Text Input
  • How ASM Parses File Types, URLs, and Parameters
  • Using the Fiddler HTTP Proxy
  • Chapter Resources

Chapter 4: Common Web Application Vulnerabilities

  • Common Exploits Against Web Applications

Chapter 5: Security Policy Deployment

  • Deployment: Combining Positive and Negative Security
  • The Deployment Workflow
  • Policy Type: How Will the Policy Be Applied
  • Policy Template: Determines the Level of Protection
  • Policy Templates: Automatic or Manual Policy Building
  • Deployment Workflow: Advanced Settings
  • Viewing Requests
  • Security Checks Offered by Rapid Deployment
  • Response Checks Using Data Guard
  • Chapter Resources

Chapter 6: Policy Tuning and Violations

  • Post-Deployment Traffic Processing
  • Defining Violations
  • Defining False Positives
  • How Violations are Categorized
  • Violation Rating: A Threat Scale
  • Defining Staging and Enforcement
  • Defining Enforcement Mode
  • Defining the Enforcement Readiness Period
  • Defining Learning
  • Defining Learning Suggestions
  • Choosing Automatic or Manual Learning
  • Defining the Learn, Alarm and Block Settings
  • Interpreting the Enforcement Readiness Summary
  • Configuring the Blocking Response Page
  • Chapter Resources

Chapter 7: Attack Signatures

  • Defining Attack Signatures
  • Creating User-Defined Attack Signatures
  • Defining Attack Signature Sets
  • Defining Attack Signature Pools
  • Updating Attack Signatures
  • Understanding Attack Signatures and Staging
  • Chapter Resources

Chapter 8: Positive Security Policy Building

  • Defining Security Policy Components
  • Defining the Wildcard
  • The Entity Staging Lifecycle
  • Choosing the Learning Scheme
  • How to Learn: Never (Wildcard Only)
  • How To Learn: Always
  • How to Learn: Selective
  • Reviewing the Enforcement Readiness Period: Entities
  • Violations Without Learning Suggestions
  • Defining the Learning Score
  • Defining Trusted and Untrusted IP Addresses
  • How to Learn: Compact
  • Chapter Resources

Chapter 9: Cookies and Other Headers

  • ASM Cookies: What to Enforce
  • Defining Allowed and Enforced Cookies
  • Configuring Security Processing on HTTP headers
  • Chapter Resources

Chapter 10: Reporting and Logging

  • Reporting: Build Your Own View
    Reporting: Chart Based on Filters
    Brute Force and Web Scraping Statistics
    Viewing ASM Resource Reports
    PCI Compliance: PCI-DSS 3.0
    Generating a Security Events Report
    Viewing Traffic Learning Graphs
    Local Logging Facilities and Destinations
    Viewing Logs in the Configuration Utility
    Logging Profiles: Build What You Need
    Chapter Resources

Chapter 11: Lab Project

Chapter 12: User Roles and Policy Modification

  • Defining User Roles
  • Defining ASM User Roles
  • Defining Partitions
  • Configuring User Partition Access
  • Comparing Security Policies with Policy Diff
  • Merging Security Policies
  • Editing and Exporting Security Policies
  • Restoring with Policy History
  • Examples of ASM Deployment Types
  • ConfigSync and ASM Security Data
  • ASMQKVIEW: Provide to F5 Support for Troubleshooting
    Chapter Resources

Chapter 13: Advanced Parameter Handling

  • Defining Parameter Types
  • Defining Static Parameters
  • Defining Dynamic Parameters
  • Defining Dynamic Parameter Extraction Properties
  • Defining Parameter Levels
  • Other Parameter Considerations
  • Chapter Resources

Chapter 14: Application-Ready Templates

  • Application Templates: Pre-Configured Baseline Security
  • Chapter Resources

Chapter 15: Automatic Policy Building

  • Overview of Automatic Policy Building
  • Defining Templates Which Automate Learning
  • Defining Policy Loosening
  • Defining Policy Tightening
  • Defining Learning Speed: Traffic Sampling
  • Defining Track Site Changes
  • Chapter Resources

Chapter 16: Web Application Vulnerability Scanners

  • Integrating Scanner Output Into ASM
  • Will Scan be Used for a New or Existing Policy?
  • Importing Vulnerabilities
  • Resolving Vulnerabilities
  • Using the Generic XML Scanner XSD File
  • Chapter Resources

Chapter 17: Login Enforcement & Session Tracking

  • Defining a Login URL
  • Login Enforcement: Time and Logout Conditions
  • Defining Session Tracking
  • Configuring Actions Upon Violation Detection
  • Session Hijacking Mitigation
  • Why Fingerprint a Client
  • Chapter Resources

Chapter 18: Brute Force and Web Scraping Mitigation

  • Defining Anomalies
  • Mitigating Brute Force Attacks via Login Page
  • Defining Session-Based Brute Force Protection
  • Defining Dynamic Brute Force Protection
  • Defining the Prevention Policy
  • Defining Web Scraping
  • Defining Geolocation Enforcement
  • Configuring IP Address Exceptions
  • Chapter Resources

Chapter 19: Layered Policies

  • Defining a Parent Policy
  • Defining Inheritance
  • Parent Policy Deployment Use Cases
  • Chapter Resources

Chapter 20: Layer 7 DoS mitigation

  • Defining Denial of Service Attacks
  • Defining DoS Profile General Settings
  • Defining Proactive Bot Defense
  • Using Bot Signatures
  • Defining TPS-based DoS Protection
  • Defining Operation Mode
  • Defining Mitigation Methods
  • Defining Behavioral and Stress-Based Detection
  • Defining Behavioral DoS
  • Chapter Resources

Chapter 21: ASM and iRules

  • Common Uses for iRules
  • Identifying iRule Components
  • Triggering iRules with Events
  • Defining ASM iRule Events
  • Defining ASM iRule Commands
  • Using ASM iRule Event Modes
  • Chapter Resources

Chapter 22: Content Profiles

  • Defining Asynchronous JavaScript and XML
  • Defining JavaScript Object Notation (JSON)
  • Defining Content Profiles
  • The Order of Operations for URL Classification
  • Chapter Resources

Chapter 23: Review and Final Labs

Who Should Attend


Security and network administrators who are responsible for the installation, deployment, tuning, and day-to-day maintenance of the Application Security Manager.

Follow-On Courses

Course Delivery

This course is available in the following formats:

Classroom Live

Receive face-to-face instruction at one of our training center locations.

Duration: 4 day

Virtual Classroom Live

Experience live, expert-led online training from the convenience of your home, office or anywhere with an internet connection.

Duration: 4 day

Request this course in a different delivery format.