F5 Web Application Firewall Solutions > WAF 341 – Advanced Protection and Positive Security (Self Guided) Source | Edit on
Lab Environment & TopologyLab Environment & Topology¶
Note
All work is done from the Linux Client, which can be accessed via RDP (Windows Remote Desktop). No installation or interaction with your local system is required.
Environment¶
Linux Client:
Web Attack Tools used in this lab:
- BURP Community Edition - Packet Crafting
- curl - command line webclient. Very useful for debugging and request crafting
- Postman - API Development and request crafting
- ab (Apache Bench) - HTTP Load Testing
Linux server:
- JuiceShop - OWASP Juice Shop
- is probably the most modern and sophisticated insecure web application!
Lab Topology¶
The network topology implemented for this lab is very simple. The following components have been included in your lab environment:
- 1 x Ubuntu Linux 20.04 client
- 1 x F5 BIG-IP VE (v16.0.1) running Advanced WAF with Ip Intelligence & Threat Campaigns Subscription Services.
- 1 x Ubuntu Linux 20.04 server
The following table lists VLANS, IP Addresses and Credentials for all components. The “password” will be provided by your instructor.
| Component | Mgmt IP | ClientSide IP | ServerSide IP | Credentials |
|---|---|---|---|---|
| Linux Client | 10.1.1.7 | 10.1.10.51 | N/A | rdp-f5student:password |
| BIG-IP | 10.1.1.4 | 10.1.10.245 | 10.1.20.245 | https - ssh - |
| Linux Server | 10.1.1.6 | N/A | 10.1.20.252 | ssh - f5student:password |