310 Fire courses in Cardiff delivered Live Online

Duration 3 Days 18 CPD hours This course is intended for This course is intended for network engineers, support personnel, reseller support, and others responsible for implementing Juniper Networks ScreenOS firewall products. Overview After successfully completing this course, you should be able to:Explain the Juniper Networks security architecture.Configure administrative access and options.Back up and restore configuration and ScreenOS files.Configure a ScreenOS device in transparent, route, Network Address Translation (NAT), and IP version 6 (IPv6) modes.Discuss the applications of multiple virtual routers.Configure the Juniper Networks firewall to permit and deny traffic based on user defined policies.Configure advanced policy options.Identify and configure network designs for various types of network address translation.Configure policy-based and route-based VPN tunnels. This course is the first in the ScreenOS curriculum. It is a course that focuses on configuration of the ScreenOS firewall/virtual private network (VPN) products in a variety of situations, including basic administrative access, routing, firewall policies and policy options, address translation, and VPN implementations. The course combines both lecture and labs, with significant time allocated for hands-on experience. Students completing this course should be confident in their ability to configure Juniper Networks firewall/VPN products in a wide range of installations. Chapter 1: Course IntroductionChapter 2: ScreenOS Concepts, Terminology, and PlatformsChapter 3: Initial Connectivity Lab 1: Initial Configuration Chapter 4: Device Management Lab 2: Device Administration Chapter 5: Layer 3 Operations Lab 3: Layer 3 Operations Chapter 6: Basic Policy Configuration Lab 4: Basic Policy Configuration Chapter 7: Policy Options Lab 5: Policy Options Chapter 8: Address Translation Lab 6: Address Translation Chapter 9: VPN ConceptsChapter 10: Policy-Based VPNs Lab 7: Policy-Based VPNs Chapter 11: Route-Based VPNs Lab 8: Route-Based VPNs Chapter 12: IPv6 Lab 9: IPv6 Appendix A: Additional FeaturesAppendix B: Transparent Mode Lab 10: Transparent Mode (Optional) Additional course details: Nexus Humans Configuring Juniper Networks Firewall/IPSec VPN Products training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Configuring Juniper Networks Firewall/IPSec VPN Products course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 5 Days 30 CPD hours This course is intended for Security Engineers, Security Administrators, Security Operations Specialists, Security Analysts, and Support Staff Overview The Palo Alto Networks Firewall 10.2 Essentials: Configuration and Management (EDU-210) course is five days of instructor-led training that will help you to: Configure and manage the essential features of Palo Alto Networks next-generation firewalls Configure and manage Security and NAT policies to enable approved traffic to and from zones Configure and manage Threat Prevention strategies to block traffic from known and unknown IP addresses, domains, and URLs Monitor network traffic using the interactive web interface and firewall reports Palo Alto Networks next-generation firewalls are architected to safely enable applications and prevent modern threats. Their approach identifies all network traffic based on applications, users, content and devices, and lets you express your business policies in the form of easy-to-understand security rules. Flexible deployment options and native integration with their next-generation security platform extend the policy enforcement and cyberthreat prevention to everywhere your users and data are located: in your network, on your endpoints and in the cloud. Palo Alto Networks next-generation firewalls are architected to safely enable applications and prevent modern threats. Their approach identifies all network traffic based on applications, users, content and devices, and lets you express your business policies in the form of easy-to-understand security rules. Flexible deployment options and native integration with their next-generation security platform extend the policy enforcement and cyberthreat prevention to everywhere your users and data are located: in your network, on your endpoints and in the cloud.

Duration 3 Days 18 CPD hours This course is intended for This course is intended for networking and security professionals involved in the administration and support of a security infrastructure using FortiGate appliances. Overview Monitor traffic passing through FortiGate Optimize FortiGate memory usage Diagnose using FortiGate tools such as the built-in sniffer and ''diagnose debug flow'' command Monitor statistics for user traffic, traffic shaping, user authentication, IPsec, web proxy, BGP, OSPF and HA Troubleshoot issues with conserve mode, high CPU, firewall policies, session helpers, user authentication, *IPsec, FortiGuard, UTM inspection, explicit web proxy, routing, and HA Describe the processing flow of FortiGate packet inspection Configure FortiGate for external BGP and OSPF This 3-day class provides more in-depth work with FortiGate infrastructure and architecture, combined with enhanced troubleshooting methods and tools to isolate and fix the most common issues in networks with FortiGate devices. Module 1: Security Fabric Configuring the Security Fabric Troubleshooting: Security Fabric Physical and logical topology views Module 2: FortiOS Architecture System information Module 3: System Troubleshooting Crash Logs Module 4: Traffic and Session Monitoring Exploring the session table Troubleshooting: Connectivity issues Module 5: Routing Failover of existing sessions Troubleshooting: Routing Module 6: FortiGuard Troubleshooting: Local FDS issue Troubleshooting: Rating lookups Module 7: Central Management FortiManager and registration Module 8: OSPF Configuring OSPF Troubleshooting: OSPF Module 9: Web Filtering and Antivirus Configuring Web Filtering and AV Troubleshooting: Web Filetering Troubleshooting: Antivirus Module 10: IPS Configuring IPS IPS custom signatures Module 11: BGP Configuring BGP Troubleshooting: BGHP neighbor Troubleshooting: BGP routing Configuring prefix lists Module 12: IPsec Troubleshooting: IPsec VPN Manager Module 13: Auto Discovery VPN Configuring ADVPN and IBGP Troubleshooting: OSPF and BGP' Additional course details: Nexus Humans Enterprise Firewall (NSE 7) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Enterprise Firewall (NSE 7) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for This course is intended for security and network administrators who will be responsible for the installation, deployment, tuning, and day-to-day maintenance of the F5 Advanced Web Application Firewall. In this 4 day course, students are provided with a functional understanding of how to deploy, tune, and operate F5 Advanced Web Application Firewall to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different F5 Advanced Web Application Firewall tools for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits. Module 1: Setting Up the BIG-IP System Introducing the BIG-IP System Initially Setting Up the BIG-IP System Archiving the BIG-IP System Configuration Leveraging F5 Support Resources and Tools Module 2: Traffic Processing with BIG-IP Identifying BIG-IP Traffic Processing Objects Overview of Network Packet Flow Understanding Profiles Overview of Local Traffic Policies Visualizing the HTTP Request Flow Module 3: Web Application Concepts Overview of Web Application Request Processing Web Application Firewall: Layer 7 Protection F5 Advanced WAF Layer 7 Security Checks Overview of Web Communication Elements Overview of the HTTP Request Structure Examining HTTP Responses How F5 Advanced WAF Parses File Types, URLs, and Parameters Using the Fiddler HTTP Proxy Module 4: Common Web Application Vulnerabilities A Taxonomy of Attacks: The Threat Landscape What Elements of Application Delivery are Targeted? Common Exploits Against Web Applications Module 5: Security Policy Deployment Defining Learning Comparing Positive and Negative Security Models The Deployment Workflow Policy Type: How Will the Policy Be Applied Policy Template: Determines the Level of Protection Policy Templates: Automatic or Manual Policy Building Assigning Policy to Virtual Server Deployment Workflow: Using Advanced Settings Selecting the Enforcement Mode The Importance of Application Language Configure Server Technologies Verify Attack Signature Staging Viewing Requests Security Checks Offered by Rapid Deployment Defining Attack Signatures Using Data Guard to Check Responses Module 6: Policy Tuning and Violations Post-Deployment Traffic Processing Defining Violations Defining False Positives How Violations are Categorized Violation Rating: A Threat Scale Defining Staging and Enforcement Defining Enforcement Mode Defining the Enforcement Readiness Period Reviewing the Definition of Learning Defining Learning Suggestions Choosing Automatic or Manual Learning Defining the Learn, Alarm and Block Settings Interpreting the Enforcement Readiness Summary Configuring the Blocking Response Page Module 7: Attack Signatures & Threat Campaigns Defining Attack Signatures Attack Signature Basics Creating User-Defined Attack Signatures Defining Simple and Advanced Edit Modes Defining Attack Signature Sets Defining Attack Signature Pools Understanding Attack Signatures and Staging Updating Attack Signatures Defining Threat Campaigns Deploying Threat Campaigns Module 8: Positive Security Policy Building Defining and Learning Security Policy Components Defining the Wildcard Defining the Entity Lifecycle Choosing the Learning Scheme How to Learn: Never (Wildcard Only) How to Learn: Always How to Learn: Selective Reviewing the Enforcement Readiness Period: Entities Viewing Learning Suggestions and Staging Status Violations Without Learning Suggestions Defining the Learning Score Defining Trusted and Untrusted IP Addresses How to Learn: Compact Module 9: Cookies and Other Headers F5 Advanced WAF Cookies: What to Enforce Defining Allowed and Enforced Cookies Configuring Security Processing on HTTP headers Module 10: Reporting and Logging Overview: Big Picture Data Reporting: Build Your Own View Reporting: Chart based on filters Brute Force and Web Scraping Statistics Viewing F5 Advanced WAF Resource Reports PCI Compliance: PCI-DSS 3.0 The Attack Expert System Viewing Traffic Learning Graphs Local Logging Facilities and Destinations How to Enable Local Logging of Security Events Viewing Logs in the Configuration Utility Exporting Requests Logging Profiles: Build What You Need Configuring Response Logging Module 11: Lab Project 1 Lab Project 1 Module 12: Advanced Parameter Handling Defining Parameter Types Defining Static Parameters Defining Dynamic Parameters Defining Dynamic Parameter Extraction Properties Defining Parameter Levels Other Parameter Considerations Module 13: Automatic Policy Building Overview of Automatic Policy Building Defining Templates Which Automate Learning Defining Policy Loosening Defining Policy Tightening Defining Learning Speed: Traffic Sampling Defining Track Site Changes Lesson 14: Web Application Vulnerability Scanner Integration Integrating Scanner Output Importing Vulnerabilities Resolving Vulnerabilities Using the Generic XML Scanner XSD file Lesson 15: Deploying Layered Policies Defining a Parent Policy Defining Inheritance Parent Policy Deployment Use Cases Lesson 16: Login Enforcement and Brute Force Mitigation Defining Login Pages for Flow Control Configuring Automatic Detection of Login Pages Defining Session Tracking Brute Force Protection Configuration Source-Based Brute Force Mitigations Defining Credentials Stuffing Mitigating Credentials Stuffing Lesson 17: Reconnaissance with Session Tracking Defining Session Tracking Configuring Actions Upon Violation Detection Lesson 18: Layer 7 DoS Mitigation Defining Denial of Service Attacks Defining the DoS Protection Profile Overview of TPS-based DoS Protection Creating a DoS Logging Profile Applying TPS Mitigations Defining Behavioral and Stress-Based Detection Lesson 19: Advanced Bot Protection Classifying Clients with the Bot Defense Profile Defining Bot Signatures Defining Proactive Bot Defense Defining Behavioral and Stress-Based Detection Defining Behavioral DoS Mitigation Lesson 20: Form Encryption using DataSafe Targeting Elements of Application Delivery Exploiting the Document Object Model Protecting Applications Using DataSafe The Order of Operations for URL Classification Lesson 21: Review and Final Labs Review and Final Labs

Duration 3 Days 18 CPD hours This course is intended for Security Engineers, Security Administrators, Security Operations Specialists, Security Analysts, Network Engineers, and Support Staff Overview The Palo Alto Networks Firewall 11.0: Troubleshooting course is three days of instructor-led training that will help you: Investigate networking issues using firewall tools including the CLI Follow proven troubleshooting methodologies specific to individual features Analyze advanced logs to resolve various real-life scenarios Solve advanced, scenario-based challenges Palo Alto Networks next-generation firewalls are architected to safely enable applications and prevent modern threats. Their approach identifies all network traffic based on applications, users, content and devices, and lets you express your business policies in the form of easy-to-understand security rules. Flexible deployment options and native integration with their next-generation security platform extend the policy enforcement and cyberthreat prevention to everywhere your users and data are located: in your network, on your endpoints and in the cloud. Course Outline Module 1 - Tools and Resources Module 2 - CLI Primer Module 3 - Flow Logic Module 4 - Packet Captures Module 5 - Packet-Diagnostics Logs Module 6 - Host-Inbound Traffic Module 7 - Transit Traffic Module 8 - System Services Module 9 - Certificate Management and SSL Decryption Module 10 - User-ID Module 11 - GlobalProtect Module 12 - Support Escalation and RMAs Module 13 - Next Steps

Duration 2 Days 12 CPD hours This course is intended for Security Administrators, Security Operations Specialists, Security Analysts, Security Engineers, and Security Architects Overview The Palo Alto Networks Panorama 11.0: Managing Firewalls at Scale (EDU-220) course is two days of instructor-led training that should help you: Learn how to configure and manage the next-generation Panorama management server Gain experience configuring templates (including template variables) and device groups Gain experience with administration, log collection, and logging and reporting Become familiar with planning and design considerations for Panorama deployment This course should help students to gain in-depth knowledge about how to configure and manage their Palo Alto Networks Panorama management server. Administrators that complete this course should become familiar with the Panorama management server?s role in managing and securing their overall network. Network professionals will be shown how to use Panorama aggregated reporting to provide them with a holistic view of a network of Palo Alto Networks next-generation firewalls.Learn how to configure and manage the next-generation Panorama? management server. Course Outline Module 1 - Initial Configuration Module 2 - Adding Firewalls Module 3 - Templates Module 4 - Device Groups Module 5 - Log Collection and Forwarding Module 6 - Using Panorama Logs Module 7 - Panorama Administrative Accounts Module 8 - Reporting Module 9 - Troubleshooting

Duration 3 Days 18 CPD hours This course is intended for Experienced system administrators and network administrators Overview By the end of the course, you should be able to meet the following objectives: Describe the NSX Advanced Load Balancer architecture, components, and main functions Explain the key features and benefits of NSX Advanced Load Balancer Explain and configure local load-balancing constructs such as virtual services, pools, health monitors, and related components Recognize web application breaches and threats Recognize multiple attack vectors such as web scraping, Layer 7 Denial of Service, brute force, and code injections Explain the components of NSX Advanced Load Balancer WAF that build a security pipeline to protect a web application from being attacked Describe how to configure the NSX Advanced Load Balancer WAF components Describe an NSX Advanced Load Balancer WAF operational task such as setting up an application with WAF, tuning the WAF Policy, and working with logs and analytics Explain the NSX Advanced Load Balancer WAF best practices for on-boarding a web application; configuring WAF settings for effective application security Explain how to size the NSX Advanced Load Balancer WAF data plane Explain the WAF Application learning feature, configuration of Application learning, Virtual Patching concepts, common caveats, and troubleshooting while deploying in any environment Recognize NSX Advanced Load Balancer Cloud Services that include threat Intelligence services Describe the Threat Intelligence service provided by NSX Advanced Load Balancer WAF and how the NSX Advanced Load Balancer WAF Threat Intelligence service receives live security threat feed for multiple attack vectors from Cloud Services (formerly Avi Pulse) Describe the NSX Advanced Load Balancer DataScript capabilities for detecting and defending against advance and zero-day attacks. Discuss the relevant NSX Advanced Load Balancer WAF logs and perform basic troubleshooting of applications that are protected by NSX Advanced Load Balancer WAF Explain the NSX Advanced Load Balancer WAF capability to protect Personally Identifiable Information (PII) This three-day course provides comprehensive training to install, configure, and manage a VMware NSX Advanced Load Balancer Web Application Firewall (WAF) solution. This course covers key NSX Advanced Load Balancer WAF features and functionality offered in the NSX Advanced Load Balancer 22.1.3 release for web security and application attack protection. Features include security pipeline, application learning, policy tuning, false positive mitigation, virtual patching, threat intelligence, troubleshooting, logs, analytics, and solution monitoring. Hands-on labs provide access to an NSX Advanced Load Balancer environment to reinforce the skills and concepts presented in the course. Course Introduction Introduction and course logistics Course objectives Introduction to NSX Advanced Load Balancer Illustrate NSX Advanced Load Balancer Explain NSX Advanced Load Balancer architecture and components Describe control plane clustering and high availability Describe data plane high availability mode Understand the common terminologies used with NSX Advanced Load Balancer Explain the NSX Advanced Load Balancer service elements Explain virtual service components and how to configure a virtual service Explain application profiles and network profiles Explain the pool configuration options and how to configure a pool Explain the available load-balancing algorithms Explain and configure SSL profiles and certificates Explain cloud connectors and cloud connector integration modes Explain multiple health monitor types Understand client logs Introduction to Application Security Understand web application security breaches and the implication of breaches Explain common terminologies related to Web Application Security Understand the different teams involved to secure applications Attacking Web Applications Understand the various web application security testing methodologies Understand the OWASP Top 10 vulnerabilities Understand the tools to generate a web application attack Describe a few types of web application attacks Types of Transport Understand different web traffic transport modes Describe web traffic and API traffic NSX Advanced Load Balancer WAF Components Understand the core design principles of NSX Advanced Load Balancer WAF Describe the NSX Advanced Load Balancer WAF components that build the WAF security pipeline Understand the NSX Advanced Load Balancer WAF configuration objects NSX Advanced Load Balancer WAF Operations Examine how to set up an application with WAF Describe considerations for the WAF policy Work with WAF logs and analytics Describe WAF policy tuning Describe the options available to remediate false positive mitigation NSX Advanced Load Balancer WAF Best Practices Describe technical and application considerations for onboarding an application front ended by WAF Describe best practices to remediate false positive mitigation. Describe how to manage a response from a back-end application server and client upload to the application server Describe the consideration for setting the rigidity of a WAF signature rule set Describe the options available to identify client traffic NSX Advanced Load Balancer WAF Sizing Understand how to do WAF data plane sizing in Greenfield and Brownfield deployments NSX Advanced Load Balancer WAF Custom Rules Understand WAF custom rules Describe the need and recommendation for custom rules Describe ModSecurity rules Understand the ModSecurity rule structure and explain how to construct the rule Analyze a sample custom rule for the use-case scenario for in-depth understanding of a custom rule NSX Advanced Load Balancer WAF Application Learning Understand the significance of Application Learning Explain the Positive Security Model architecture Describe the WAF multifaceted Application Learning technique to build an application model for creating positive security rules Describe how to view the data that is learned by the Application learning module Describe the WAF Virtual Patching technique to construct a WAF policy from Dynamic Application Security Testing (DAST) scanner results Understand the conditions for sharing WAF Learning Data and PSM Group in WAF Policy. Malware Protection Through ICAP in NSX Advanced Load Balancer Understand Malicious File Upload Protection and ICAP workflow Describe ICAP configuration and log analytics NSX Advanced Load Balancer IP Reputation Understand IP Reputation concepts and their integration with NSX Advanced Load Balancer Describe IP Reputation configuration, log analytics, and troubleshooting DataScript for Application Security Describe DataScript events and reference Describe application security using DataScript Explain how to troubleshoot DataScript issues Rate Limiting and DOS Describe and configure the NSX Advanced Load Balancer rate limiter technique Describe protection from denial of service (DoS) attacks and distributed DoS (DDoS) attacks in NSX Advanced Load Balancer Explain the Service Engine general advice and guidance for DDOS Bot Management Understand Bots Describe the Bot Management mechanism in NSX Advanced Load Balancer Describe how to configure NSX Advanced Load Balancer Bot Management Managing Personally Identifiable Information in NSX Advanced Load Balancer Understand Personally Identifiable Information (PII) Understand the scope of managing PII in NSX Advanced Load Balancer Describe how to configure the hidden PII in NSX Advanced Load Balancer logs using profiles and WAF rules. Threat Intelligence Introduce the Threat Intelligence service Describe the Threat Intelligence live security threat feed for multiple attack vectors Describe how to configure Threat Intelligence in NSX Advanced Load Balancer Application Programming Interface Security Define Application Programming Interface (API) Security Understand API authentication and authorization using virtual service authentication mechanisms used for a virtual service such as LDAP, SAML, JSON Web Token, and OAUTH Understand API Rate Limiting in NSX Advanced Load Balancer Understand the NSX Advanced Load Balancer WAF Protection for API Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware NSX Advanced Load Balancer: Web Application Firewall Security [V22.x] training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware NSX Advanced Load Balancer: Web Application Firewall Security [V22.x] course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for This course is intended for network operators, network administrators, network engineers, network architects, security administrators, and security architects responsible for installation, setup, configuration, and administration of the BIG-IP AFM system. This course uses lectures and hands-on exercises to give participants real-time experience in setting up and configuring the BIG-IP Advanced Firewall Manager (AFM) system. Students are introduced to the AFM user interface, stepping through various options that demonstrate how AFM is configured to build a network firewall and to detect and protect against DoS (Denial of Service) attacks. Reporting and log facilities are also explained and used in the course labs. Further Firewall functionality and additional DoS facilities for DNS and SIP traffic are discussed. Module 1: Setting Up the BIG-IP System Introducing the BIG-IP System Initially Setting Up the BIG-IP System Archiving the BIG-IP System Configuration Leveraging F5 Support Resources and Tools Module 2: AFM Overview AFM Overview AFM Availability AFM and the BIG-IP Security Menu Packet Processing Rules and Direction Rules Contexts and Processing Inline Rule Editor Module 3: Network Firewall AFM Firewalls Contexts Modes Packet Processing Rules and Direction Rules Contexts and Processing Inline Rule Editor Configuring Network Firewall Network Firewall Rules and Policies Network Firewall Rule Creation Identifying Traffic by Region with Geolocation Identifying Redundant and Conflicting Rules Identifying Stale Rules Prebuilding Firewall Rules with Lists and Schedules Rule Lists Address Lists Port Lists Schedules Network Firewall Policies Policy Status and Management Other Rule Actions Redirecting Traffic with Send to Virtual Checking Rule Processing with Packet Tester Examining Connections with Flow Inspector Module 4: Logs Event Logs Logging Profiles Limiting Log Messages with Log Throttling Enabling Logging in Firewall Rules BIG-IP Logging Mechanisms Log Publisher Log Destination Filtering Logs with the Custom Search Facility Logging Global Rule Events Log Configuration Changes QKView and Log Files SNMP MIB SNMP Traps Module 5: IP Intelligence Overview Feature 1 Dynamic White and Black Lists Black List Categories Feed Lists IP Intelligence Policies IP Intelligence Log Profile IP Intelligence Reporting Troubleshooting IP Intelligence Lists Feature 2 IP Intelligence Database Licensing Installation Configuration Troubleshooting IP Intelligence iRule Module 6: DoS Protection Denial of Service and DoS Protection Overview Device DoS Protection Configuring Device DoS Protection Variant 1 DoS Vectors Variant 2 DoS Vectors Automatic Threshold Configuration Variant 3 DoS Vectors Device DoS Profiles DoS Protection Profile Dynamic Signatures Dynamic Signatures Configuration DoS iRules Module 7: Reports AFM Reporting Facilities Overview Examining the Status of Particular AFM Features Exporting the Data Managing the Reporting Settings Scheduling Reports Examining AFM Status at High Level Mini Reporting Windows (Widgets) Building Custom Widgets Deleting and Restoring Widgets Dashboards Module 8: DoS White Lists Bypassing DoS Checks with White Lists Configuring DoS White Lists tmsh options Per Profile Whitelist Address List Module 9: DoS Sweep Flood Protection Isolating Bad Clients with Sweep Flood Configuring Sweep Flood Module 10: IP Intelligence Shun Overview Manual Configuration Dynamic Configuration IP Intelligence Policy tmsh options Extending the Shun Feature Route this Traffic to Nowhere - Remotely Triggered Black Hole Route this Traffic for Further Processing - Scrubber Module 11: DNS Firewall Filtering DNS Traffic with DNS Firewall Configuring DNS Firewall DNS Query Types DNS Opcode Types Logging DNS Firewall Events Troubleshooting Module 12: DNS DoS Overview DNS DoS Configuring DNS DoS DoS Protection Profile Device DoS and DNS Module 13: SIP DoS Session Initiation Protocol (SIP) Transactions and Dialogs SIP DoS Configuration DoS Protection Profile Device DoS and SIP Module 14: Port Misuse Overview Port Misuse and Service Policies Building a Port Misuse Policy Attaching a Service Policy Creating a Log Profile Module 15: Network Firewall iRules Overview iRule Events Configuration When to use iRules More Information Module 16: Recap BIG-IP Architecture and Traffic Flow AFM Packet Processing Overview

Duration 3 Days 18 CPD hours This course is intended for Experienced system administrators or network administrators and security professionals Overview By the end of the course, you should be able to meet the following objectives: Describe NSX Advanced Load Balancer architecture Describe the NSX Advanced Load Balancer components and main functions Explain the NSX Advanced Load Balancer key features and benefits Describe NSX Advanced Load Balancer Web Application Firewall architecture Describe the NSX Advanced Load Balancer Web Application Firewall components and main functions Explain the NSX Advanced Load Balancer Web Application Firewall key features and benefits Explain and configure Local Load Balancing constructors such as Virtual Services, Pools, Health Monitors and related components Understand and modify application behavior leveraging Profiles, Policies and DataScripts Configure and customize the NSX Advanced Load Balancer Web Application Firewall Describe and leverage NSX Advanced Load Balancer REST API interfaces and related automation capabilities Describe and configure NSX Advanced Load Balancer Web Application Firewall application and infrastructure monitoring Gather relevant information and perform basic troubleshooting of Web Application Firewall applications leveraging built-in NSX Advanced Load Balancer tooling This three-day course provides comprehensive training on how to configure, maintain and troubleshoot the Web Application Firewall component of the VMware NSX Advanced Load Balancer (Avi Networks) solution as well as provide an understanding of additional security related functionality. This course covers key NSX Advanced Load Balancer (Avi Networks) Web Application Firewall features and functionality offered in the NSX Advanced Load Balancer 18.2 release, including the overall infrastructure, virtual services and application components as well as application troubleshooting and solution monitoring. Access to a software-defined data center environment is provided through hands-on labs to reinforce the skills and concepts presented in the course. Course Introduction Introductions and course logistics Course objectives Introduction to NSX Advanced Load Balancer Introduce NSX Advanced Load Balancer Discuss NSX Advanced Load Balancer use cases and benefits Explain NSX Advanced Load Balancer architecture and components Explain the management, control, data, and consumption planes and their respective functions Introduction to NSX ALB Web Application Firewall Introduce the NSX Advanced Load Balancer Web Application Firewall Discuss NSX Advanced Load Balancer Web Application Firewall use cases and benefits Virtual Services Configuration Concepts Explain Virtual Service components Explain Virtual Service types Explain and configure basic virtual services components such as Application Profiles, Network Profiles, Pools and Health Monitors Attacking and Defending Web Applications Introduce the processes and methodologies used when attacking and defending web applications Introduce the tools used to attack web applications Explain with examples terminology such as Reflected XSS and SQL injection Profiles and Policies Explain and deep dive on Advanced Virtual Service creation Explain and deep dive on Application Profiles and Types such as L4, DNS, Syslog and HTTP Explain and configure advanced application HTTP Profile options Deep dive on Network Profiles and Types Explain and configure SSL Profiles and Certificates Explain and Configure HTTP and DNS policies DDOS Protection Introduce the NSX Advanced Load Balancer rate limiting functionality Explain the NSX Advanced Load Balancer rate limiting functionality Hands on examples of rate limiting in action Customizing Application Delivery with Datascripts Introduce the concept of datascripts to manipulate data Explain the various components and inspection points IWAF Deep Dive Describe the building blocks of the iWAF implementation Explain the various iWAF components Introduce both Positive and Negative security models Explain the iWAF Policies, profiles and rule sets IWAF Core Rule Set Explain the history and rationale of the core rule set Describe the NSX ALB (Avi) Core Rule Set IWAF Custom Rules Describe the power and complexity available via custom rules Explain the rule language Implement various use cases Explain common errors and possible solutions IWAF Operations Describe the iWAF application onboarding process Tuning the iWAF policies Working with iWAF logs and analytics Explaining false positive mitigation tactics IWAF Best Practices Provide guidance on how to get the best results Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware NSX Advanced Load Balancer: Web Application Firewall Security training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware NSX Advanced Load Balancer: Web Application Firewall Security course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 1 Days 6 CPD hours This course is intended for This course is intended for network engineers, support personnel, reseller support, and others responsible for implementing ScreenOS products. Overview After successfully completing this course, you should be able to: Configure attack prevention features, including: ?SCREEN options; Deep Inspection (DI); and Antivirus (AV) scanning. Configure URL filtering. Configure antispam filters. This course meets the business needs of customers who are deploying the attack prevention features of ScreenOS software. The course focuses specifically on the attack-related features and assumes familiarity with ScreenOS software. Upon completing this course, you should be able to return to work and successfully configure and verify the desired attack prevention features. Chapter 1: Course Introduction Chapter 2: ScreenOS Basics Review Concepts Review Configuration Review Lab: ScreenOS Basics Review Chapter 3: SCREEN Options Multilayer Network Protection Types of Attacks SCREEN Options Configuration SCREEN Best Practices Lab: SCREEN Options Configuration Chapter 4: Deep Inspection Deep Inspection Overview Attack Database Configuration Policy Configuration Logging and Monitoring Lab: Deep Inspection Configuration Chapter 5: Antivirus Antivirus Operations Antivirus Configuration?Kaspersky Antivirus Configuration?ICAP Verifying Operations Lab: Antivirus Configuration Chapter 6: Web Filtering Web-Filtering Options Web-Filtering Configuration Verifying Operations Lab: Configuring Web Filtering Chapter 7: Antispam Antispam Concepts Antispam Configuration Verifying Operations Lab: Antispam Configuration Additional course details: Nexus Humans Attack Prevention with Juniper Networks Firewalls training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Attack Prevention with Juniper Networks Firewalls course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.