F5 Distributed Cloud - WAF/WAAP Deeper Dive

Welcome

In this lab, attendees will take a deeper dive into F5 Web Application and API Protection (WAAP). Attendees will review WAAP Policy Frameworks, exercise configuration options, review security events and perform exclusion handling. Attendees will also explore Service Policy configuration and AI-driven BotDefense deployment configurations.

Objective:

• Gain a deeper understanding of key F5 Distributed Cloud security functions and controls
• Gain an understanding WAAP Policies, Service Policies and BotDefense configuration.

Lab & Tasks:

• All Lab requirements will be noted in the tasks that follow
• Estimated completion time: 3 Labs approximately 15-20 minutes each

Labs:

• Introduction: Accessing F5 Distributed Cloud Console
  • Task 1: Lab Environment
  • Task 2: F5 Distributed Cloud Console Login
• Lab 1: Deploying and Managing F5 Distributed Cloud Web Application Firewall Configuration
  • Task 1: Configure Load Balancer and Origin Pool
  • Task 2: Configure WAF Policy on the Load Balancer
  • Task 3: Testing the WAF Policy & Reviewing Event Data
  • Task 4: Understanding Exclusions and Customizing WAF Policy
• Lab 2: Reviewing Signature-based Bot Strategies and enabling F5 Distributed Cloud BotDefense
  • Task 1: Reviewing Signature-based Bot protection
  • Task 2: Enabling F5 Distributed Cloud BotDefense
• Lab 3: Exploring Service Policies
  • Task 1: Creating Local Namespace Service Policies
  • Task 2: Attaching Service Policies and configuring IP Reputation
  • Task 3: Create, assign and test a Custom Service Policy
  • Task 4: Observing Route Configurations
• Lab 4: Malicious Users
  • Task 1: Creating a User Identification Policy
  • Task 2: Enable Malicious User Detection and Mitigation Actions
• Lab 5: Rate Limiting
  • Task 1: Establishing a Baseline
  • Task 2: Creating a Rate Limiting Policy
  • Task 3: Testing Rate Limiting
• Lab 6: API Discovery & Protection
  • Task 1: Swagger File Import & Version Control
  • Task 2: Swagger Definition
  • Task 3: Attaching API Discovery & Protection to Load Balancer Object
  • Task 4: Attach API Rate Limiting to Load Balancer Object
• Lab 7: Client-Side Defense
  • Task 1: Navigate to the Client-Side Defense Tile
• Conclusion
• Appendix