F5 Distributed Cloud 102 - WAF/WAAP Deeper Dive

Welcome

In this lab, attendees will take a deeper dive into F5 Web Application and API Protection (WAAP). Attendees will review WAAP Policy Frameworks, exercise configuration options, review security events and perform exclusion handling. Attendees will also explore Service Policy configuration and AI-driven BotDefense deployment configurations.

Objective:

• Gain a deeper understanding of key F5 Distributed Cloud security functions and controls
• Gain an understanding WAAP Policies, Service Policies and BotDefense configuration.

Lab & Tasks:

• All Lab requirements will be noted in the tasks that follow
• Estimated completion time: 3 Labs approximately 15-20 minutes each

Labs:

• 1. Introduction: Accessing F5 Distributed Cloud Console
  • 1.1. Task 1: Lab Environment
  • 1.2. Task 2: F5 Distributed Cloud Console Login
• 2. Lab 1: Deploying and Managing F5 Distributed Cloud Web Application Firewall Configuration
  • 2.1. Task 1: Configure Load Balancer and Origin Pool
  • 2.2. Task 2: Configure WAF Policy on the Load Balancer
  • 2.3. Task 3: Testing the WAF Policy & Reviewing Event Data
  • 2.4. Task 4: Understanding Exclusions and Customizing WAF Policy
• 3. Lab 2: Reviewing Signature-based Bot Strategies and enabling F5 Distributed Cloud BotDefense
  • 3.1. Task 1: Reviewing Signature-based Bot protection
  • 3.2. Task 2: Enabling AI-Driven F5 Distributed Cloud BotDefense
• 4. Lab 3: Exploring Service Policies
  • 4.1. Task 1: Creating Local Namespace Service Policies
  • 4.2. Task 2: Attaching Service Policies and configuring IP Reputation
  • 4.3. Task 3: Observing Route Configurations
• 5. Conclusion
• 6. Appendix