
F5 Networks Configuring BIG-IP ASM v13: Application Security Manager Training



The BIG-IP Application Security Manager course gives participants a functional understanding of how to deploy, tune, and operate BIG-IP Application Security Manager (ASM) to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different ASM components for detecting and mitigating threats from multiple attack vectors such as web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero-day exploits.



This course is intended for security and network administrators who will be responsible for the installation, deployment, tuning, and day-to-day maintenance of the Application Security Manager.


Administering BIG-IP; basic familiarity with HTTP, HTML and XML; basic web application and security concepts.

Course Outline

Lesson 1 : Setting Up the BIG-IP System

Introducing the BIG-IP System 
Initially Setting Up the BIG-IP System 
Archiving the BIG-IP System Configuration 
Leveraging F5 Support Resources and Tools

Lesson 2 : Traffic Processing with BIG-IP

Identifying BIG-IP Traffic Processing Objects 
Overview of Network Packet Flow 
Understanding Profiles 
Overview of Local Traffic Policies and ASM 
HTTP Request Flow 
Chapter Resources

Lesson 3 : Web Application Concepts

Overview of Web Application Request Processing 
Web Applications Are Vulnerable Even with SSL 
Layer 7 Protection with Web Application Firewalls 
Overview of Web Communication Elements 
Parsing URLs 
Overview of the HTTP Request Structure 
Method: Perform Actions on a Server 
HTTP Methods ASM Accepts by Default 
Comparing POST with GET 
Risks Within Other Methods 
Methods Enforcement for URLs 
HTTP Response Codes 
Examining HTTP Responses 
User Input Forms: Free Text Input 
How ASM Parses File Types, URLs, and Parameters 
Using the Fiddler HTTP Proxy 
Chapter Resources

Lesson 4 : Common Web Application Vulnerabilities

Common Exploits Against Web Applications

Lesson 5 : Security Policy Deployment

Comparing Positive and Negative Security Models 
Deployment: Combining Positive and Negative Security 
The Deployment Workflow 
Policy Type: How Will the Policy Be Applied 
Policy Template: Determines the Level of Protection 
Policy Templates: Automatic or Manual Policy Building 
Deployment Workflow: Advanced Settings 
Viewing Requests 
Security Checks Offered by Rapid Deployment 
Response Checks Using Data Guard 
Chapter Resources

Lesson 6 : Policy Tuning and Violations

Post-Deployment Traffic Processing 
Defining Violations 
Defining False Positives 
How Violations are Categorized 
Violation Rating: A Threat Scale 
Defining Staging and Enforcement 
Defining Enforcement Mode 
Defining the Enforcement Readiness Period 
Defining Learning 
Defining Learning Suggestions 
Choosing Automatic or Manual Learning 
Defining the Learn, Alarm and Block Settings 
Interpreting the Enforcement Readiness Summary 
Configuring the Blocking Response Page 
Chapter Resources

Lesson 7 : Attack Signatures

Defining Attack Signatures 
Creating User-Defined Attack Signatures 
Defining Attack Signature Sets 
Defining Attack Signature Pools 
Updating Attack Signatures 
Understanding Attack Signatures and Staging 
Chapter Resources

Lesson 8 : Positive Security Policy Building

Defining Security Policy Components 
Defining the Wildcard 
The Entity Staging Lifecycle 
Choosing the Learning Scheme 
How to Learn: Never (Wildcard Only) 
How To Learn: Always 
How to Learn: Selective 
Reviewing the Enforcement Readiness Period: Entities 
Violations Without Learning Suggestions 
Defining the Learning Score 
Defining Trusted and Untrusted IP Addresses 
How to Learn: Compact 
Chapter Resources

Lesson 9 : Cookies and Other Headers

ASM Cookies: What to Enforce 
Defining Allowed and Enforced Cookies 
Configuring Security Processing on HTTP headers 
Chapter Resources

Lesson 10 : Reporting and Logging

Reporting: Build Your Own View 
Reporting: Chart based on filters 
Brute Force and Web Scraping Statistics 
Viewing ASM Resource Reports 
PCI Compliance: PCI-DSS 3.0 
Generating a Security Events Report 
Viewing Traffic Learning Graphs 
Local Logging Facilities and Destinations 
Viewing Logs in the Configuration Utility 
Logging Profiles: Build What You Need 
Chapter Resources

Lesson 11 : Lab Project

Lesson 12 : User Roles and Policy Modification

Defining User Roles 
Defining ASM User Roles 
Defining Partitions 
Configuring User Partition Access 
Comparing Security Policies with Policy Diff 
Merging Security Policies 
Editing and Exporting Security Policies 
Restoring with Policy History 
Examples of ASM Deployment Types 
ConfigSync and ASM Security Data 
ASMQKVIEW: Provide to F5 Support for Troubleshooting 
Chapter Resources

Lesson 13 : Advanced Parameter Handling

Defining Parameter Types 
Defining Static Parameters 
Defining Dynamic Parameters 
Defining Dynamic Parameter Extraction Properties 
Defining Parameter Levels 
Other Parameter Considerations 
Chapter Resources

Lesson 14 : Application-Ready Templates

Application Templates: Pre-Configured Baseline Security 
Chapter Resources

Lesson 15 : Automatic Policy Building

Overview of Automatic Policy Building 
Defining Templates Which Automate Learning 
Defining Policy Loosening 
Defining Policy Tightening 
Defining Learning Speed: Traffic Sampling 
Defining Track Site Changes 
Chapter Resources

Lesson 16 : Web Application Vulnerability Scanners

Integrating Scanner Output Into ASM 
Will Scan be Used for a New or Existing Policy? 
Importing Vulnerabilities 
Resolving Vulnerabilities 
Using the Generic XML Scanner XSD file 
Chapter Resources

Lesson 17 : Login Enforcement & Session Tracking

Defining a Login URL 
Login Enforcement: Time and Logout Conditions 
Defining Session Tracking 
Configuring Actions Upon Violation Detection 
Session Hijacking Mitigation 
Why Fingerprint A Client 
Chapter Resources

Lesson 18 : Brute Force and Web Scraping Mitigation

Defining Anomalies 
Mitigating Brute Force Attacks via Login Page 
Defining Session-Based Brute Force Protection 
Defining Dynamic Brute Force Protection 
Defining the Prevention Policy 
Defining Web Scraping 
Defining Geolocation Enforcement 
Configuring IP Address Exceptions 
Chapter Resources

Lesson 19 : Layered Policies

Defining a Parent Policy 
Defining Inheritance 
Parent Policy Deployment Use Cases 
Chapter Resources

Lesson 20 : Layer 7 DoS Mitigation

Defining Denial of Service Attacks 
Defining DoS Profile General Settings 
Defining Proactive Bot Defense 
Using Bot Signatures 
Defining TPS-based DoS Protection 
Defining Operation Mode 
Defining Mitigation Methods 
Defining Behavioral and Stress-Based Detection 
Defining Behavioral DoS 
Chapter Resources

Lesson 21 : ASM and iRules

Common Uses for iRules 
Identifying iRule Components 
Triggering iRules with Events 
Defining ASM iRule Events 
Defining ASM iRule Commands 
Using ASM iRule Event Modes 
Chapter Resources

Lesson 22 : Content Profiles

Defining Asynchronous JavaScript and XML 
Defining JavaScript Object Notation (JSON) 
Defining Content Profiles 
The Order of Operations for URL Classification 
Chapter Resources

Lesson 23 : Review and Final Labs

Course Review Questions 
Answers to Review Questions
