F5 BIG-IP Next WAF Lab

Welcome to the F5 BIG-IP Next WAF Labs

Contents:

• Module 0: Introduction to BIG-IP Next, BIG-IP Next CM and how to use and prepare the lab
  • Lab 0.1 Introduction to BIG-IP Next and BIG-IP Next CM
    • BIG-IP Next
    • BIG-IP Next Central Manager
  • Lab 0.2 Start BIG-IP Next in UDF Lab
    • Lab Diagram
    • How to login to the various systems
  • Lab 0.3 Import the Postman Collection in the Windows Jump Host
• Module 1: BIG-IP Next Central Manager signature and Threat Campaigns update
  • Lab 1.1 - Stay up-to-date with F5’s latest Attack Signature updates and Threat Campaigns by automatically applying those updates
    • Check on latest attack signature and threat campaigns update files
• Module 2: Deploy an application using FAST template and assign a WAF policy
  • Lab 2.1 - Deploy an application using FAST template and the WAF Violation Rating policy template
    • Deploy a HTTPS Load Balancer with a WAF policy
• Module 3: Generate various attacks and explore the dashboard/events
  • Lab 3.1 Generate various attacks and explore the dashboard/events
    • Prerequisite
    • Using a WAF test tool to generate various violations
    • Adjust the Security Policy
    • Run the WAF test tool
    • WAF Dashboard
    • Event Logs Menu
    • Trigger Threat Campaigns Violations
    • Investigate in BIG-IP Central Manager using the Event Logs
    • Bot detection capabilities of BIG-IP Next WAF
    • Trigger Bot Defense violation
• Module 4: Create a new policy using a different template
  • Lab 4.1 - Create a new policy using using a different template, assign it to an existing application and explore further policy details
    • Create a new policy using the RAPID template
    • Assign the new policy to an existing application on BIG-IP Next Central Manager
    • Explore the policy settings
• Module 5: Import a WAF policy
  • Lab 5.1 - Import a WAF Policy
    • Import a policy from BIG-IP AWAF v16
• (OPTIONAL) Module 6: Labs for use case specific capabilities
  • (OPTIONAL) Lab 6 - Additional labs on further use cases and capabilities
    • Lab 6.1 - Data Guard
    • Lab 6.2 - Mask Sensitive Data in Event Logs
    • Lab 6.3 - Mitigating Brute Force Attacks
    • Lab 6.4 - Cross-site Request Forgery - CSRF
    • Useful Links:
• (OPTIONAL) Lab 7 - Manage the L7 DoS protection settings
  • (OPTIONAL) Lab 7 - Manage the L7 DoS protection settings
    • Configure L7 DoS Protection settings
    • Deploy a HTTP load balancer and attach recent created WAF policy
    • Attach a XFF-Mixed_Attacker iRule
    • Demo L7 DoS to the Juice Shop App