F5 Distributed Cloud: Application Firewall & Services

Welcome

In this lab, participants will embark on a journey through Web Application and API Protection (WAAP) within F5 Distributed Cloud. Get ready to be hands-on, deploying and managing a Web Application Firewall, while gaining experience with F5 Distributed Cloud Bot Defense and Malicious Users.

Objective:

• Gain a deeper understanding of key F5 Distributed Cloud security functions and controls

• Explore WAAP Policies, BotDefense configuration, and behavior based Malicious User

Lab & Tasks:

• All Lab requirements will be noted in the tasks that follow

• Estimated completion time: 3 Labs approximately 15-20 minutes each

Labs:

• Introduction: Accessing F5 Distributed Cloud Console
  • Task 1: Lab Environment
  • Task 2: F5 Distributed Cloud Console Login
• Lab 1: Deploying and Managing F5 Distributed Cloud Web Application Firewall Configuration
  • Task 1: Configure Load Balancer and Origin Pool
  • Task 2: Configure WAF Policy on the Load Balancer
  • Task 3: Testing the WAF Policy & Reviewing Event Data
  • Task 4: Understanding Exclusions and Customizing WAF Policy
• Lab 2: Reviewing Signature-based Bot Strategies and enabling F5 Distributed Cloud Bot Defense
  • Task 1: Reviewing Signature-based Bot protection
  • Task 2: Enabling F5 Distributed Cloud Bot Defense
• Lab 3: Malicious Users
  • Task 1: Creating a User Identification Policy
  • Task 2: Enable Malicious User Detection and Mitigation Actions
• Conclusion
• Appendix