Securing Apps with F5 Solutions v.13.1

This Security Workshop provides participants with an opportunity to experiment with many of the different components of F5’s security solutions in a hands-on lab environment using a real-world application delivery deployment scenario. The goal of the course is to put to practical use the extensive capabilities of the BIG-IP system to safeguard application delivery in today’s growing threat landscape, and to help the audience think differently about application security.
The labs in this workshop are designed to demonstrate how you might deploy some of F5's security solutions to protect applications at different layers of the OSI reference model. The course focuses on some of the features and functionality available in several BIG-IP modules, including:


BIG-IP Local Traffic Manager (LTM)


BIG-IP Advanced Firewall Manager (AFM)


BIG-IP Application Security Manager (ASM)


BIG-IP Access Policy Manager (APM)

BIG-IP Fraud Protection Service (FPS), also known as F5 WebSafe
Workshop Topics


Using L7 local traffic policies to direct expected traffic from a public-facing virtual server to private virtual servers for additional processing


Configuring and using security event logging to monitor legitimate traffic patterns and detect aberrations


Using network firewall rules to protect perimeter resources at L3/4


Using a web application firewall to detect and protect perimeter resources from known attack signatures


Using a web application firewall on internal resources to apply a positive security model and protect from data leakage


Using iRules to help maintain identity information for clients connecting from CDN and other proxy networks


Allowing DNS resolution through the BIG-IP system and implementing protection against unauthorized query types and recursive resolution requests


Mitigating DoS attacks using device DoS protection and eviction policies


Mitigating known L3/4 attack vectors at the perimeter