F5 Distributed Cloud: API Discovery & Protection

Welcome

In this lab, participants will explore the depths of F5 Web Application and API Protection (WAAP) within F5 Distributed Cloud. Dive headfirst into the cutting-edge world of API Discovery, uncovering what’s within, Sensitive Data and Authentication State detection. Get hands-on experience as you unleash the power of API Protection and API Rate Limiting.

Objective:

• Gain a deeper understanding of key F5 Distributed Cloud security functions and controls

• Explore building API Discovery and Protection within F5 Distributed Cloud

  • API Discovery: Provided via machine-based learning processes, enables visualization of the API Framework, assesses use of end-points, discovers new end-points based on flows, identifies use of sensitive information, and enables swagger file export.

  • API Protection: Encompasses a set of definitions and controls to protect and secure the functions, use and endpoints of the delivered API’s framework.

Lab & Tasks:

• All Lab requirements will be noted in the tasks that follow

• Estimated completion time: 2 Labs approximately 15-20 minutes each

Labs:

• Introduction: Accessing F5 Distributed Cloud Console
  • Task 1: Lab Environment
  • Task 2: F5 Distributed Cloud Console Login
• Lab 1: API Discovery
  • Task 1: Configure Load Balancer and Origin Pool
  • Task 2: Swagger File Import & Version Control
  • Task 3: Swagger Definition
  • Task 4: Enabling API Inventory and Discovery
• Lab 2: API Protection & Rate Limiting
  • Task 1: Attaching API Protection to Load Balancer Object
  • Task 2: Attach API Rate Limiting to Load Balancer Object
• Conclusion
• Appendix