Module 1: AWAF Policy Template Creation on BIG-IP (secops engineer)

Intro

As the security engineer, you are tasked with building a WAF policy template that will be used by the application teams.

Since the policy is used by multiple teams, it will mostly contain negative security controls (signatures, ip reputation…)

During the exercise, think which settings should be enabled and how changes to the template will be managed.

Also, think about how you can test your policy since it’s not going to be deployed by the security engineer.

In this lab, we will cover the following:

• Creation of an AWAF base policy (lab1)
• Creating a template from a base policy (lab2)
• Creating ASM Policies via Importing JSON Files (lab3)
• Deploying to a ‘secops testing’ environemnt (lab4)

• Lab 1.1: Creation of an AWAF base policy
• Lab 1.2: Creation of an AWAF template
• Lab 1.3: Creation of ASM Policies via Importing JSON Files
• Lab 1.4: Deploying to secops testing environment
• Review