F5 Distributed Cloud: Advanced Threat & Fraud Security

Welcome

In this lab, attendees will review and explore more advanced security services within F5 Distributed Cloud platform. Lab tasks will focus on providing a deeper review & understanding of AI-driven Bot Defense security, common attack tools and how to use F5 Distributed Cloud dashboards to analyze threats.

Objective:

Gain a deeper understanding of key F5 Distributed Cloud security functions and controls as it pertains to malicious bots.

Lab & Tasks:

• All Lab requirements will be noted in the tasks that follow

• Estimated completion time: 4 Labs of varying lengths

Labs:

• Introduction: Accessing F5 Distributed Cloud Console
  • Task 1: Lab Environment
  • Course/Lab Invitation
  • Accessing UDF (F5 Unified Demo Framework)
  • Accessing F5 Distributed Cloud
• Lab 1: Explore Load Balancer and Review Traffic Dashboards
  • Task 1: Review your assigned Namespace and Verify the Application is Up
  • Task 2: Review the HTTP Load Balancer
  • Task 3: Generate Attack Traffic with OpenBullet Automated Attack Tool
  • Task 4: Review the Request Logs
  • Task 5: Assign a Web Application Firewall Policy and Re-Test
  • Task 6: Analyze the Request Logs after WAF Policy Enablement
• Lab 2: Adding a Bot Protection Profile and Testing
  • Task 1: Create a Bot Protection Profile
  • Task 2: Compare requests with and without Bot Defense
• Lab 3: Human-Simulated Stuffing Attack
  • Task 1: Execute a Human Credential Stuffing Attack
  • Task 2 : Review the Request Logs
• Lab 4: Defend Against an Ongoing Attack
  • Task 1: Launch the attack
  • Task 2: Modify the Bot Security Policy
  • Task 3: Place into Blocking Mode
  • Task 4: Claim your prize if you’re the first to complete this lab!
• Conclusion
• Appendix