2126 Fire courses

Duration 3 Days 18 CPD hours This course is intended for This course is intended for network engineers, support personnel, reseller support, and others responsible for implementing Juniper Networks ScreenOS firewall products. Overview After successfully completing this course, you should be able to:Explain the Juniper Networks security architecture.Configure administrative access and options.Back up and restore configuration and ScreenOS files.Configure a ScreenOS device in transparent, route, Network Address Translation (NAT), and IP version 6 (IPv6) modes.Discuss the applications of multiple virtual routers.Configure the Juniper Networks firewall to permit and deny traffic based on user defined policies.Configure advanced policy options.Identify and configure network designs for various types of network address translation.Configure policy-based and route-based VPN tunnels. This course is the first in the ScreenOS curriculum. It is a course that focuses on configuration of the ScreenOS firewall/virtual private network (VPN) products in a variety of situations, including basic administrative access, routing, firewall policies and policy options, address translation, and VPN implementations. The course combines both lecture and labs, with significant time allocated for hands-on experience. Students completing this course should be confident in their ability to configure Juniper Networks firewall/VPN products in a wide range of installations. Chapter 1: Course IntroductionChapter 2: ScreenOS Concepts, Terminology, and PlatformsChapter 3: Initial Connectivity Lab 1: Initial Configuration Chapter 4: Device Management Lab 2: Device Administration Chapter 5: Layer 3 Operations Lab 3: Layer 3 Operations Chapter 6: Basic Policy Configuration Lab 4: Basic Policy Configuration Chapter 7: Policy Options Lab 5: Policy Options Chapter 8: Address Translation Lab 6: Address Translation Chapter 9: VPN ConceptsChapter 10: Policy-Based VPNs Lab 7: Policy-Based VPNs Chapter 11: Route-Based VPNs Lab 8: Route-Based VPNs Chapter 12: IPv6 Lab 9: IPv6 Appendix A: Additional FeaturesAppendix B: Transparent Mode Lab 10: Transparent Mode (Optional) Additional course details: Nexus Humans Configuring Juniper Networks Firewall/IPSec VPN Products training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Configuring Juniper Networks Firewall/IPSec VPN Products course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

24 Hours Left! Don't Let the Winter Deals Slip Away - Enrol Now! Risk Assessment and Management is important for any business to grow and succeed. Learn the importance of risk assessment and management in this course. Explore the hazards and risks to update the necessary control measures for your organisation. Know the fundamentals of accident reports and the appropriate risk management techniques. Make a disaster recovery plan that will help in your business Risk Assessment actions. If you are someone who wants to pursue a career in risk management, then this Risk Assessment course is very suitable for you. Learning Outcomes of Risk Assessment: After completing this risk assessment course, learners will be able to: Gain in-depth knowledge about risk assessment and its types Know more about the risk evaluation process Learn how to manage risk at the workplace Get to know what are the benefits of risk assessment Increase your financial and technological risk assessment skills So, join our comprehensive risk assessment course before the offer ends and complete it at your earliest convenience. Why Choose Our Risk Assessment Course? Opportunity to earn a certificate accredited by CPD. Get a free student ID card with this Risk Assessment Get instant access to this Risk Assessment course. Learn Risk Assessment from anywhere in the world Risk Assessment is affordable and simple to understand Risk Assessment is entirely online, interactive lesson with voiceover audio Lifetime access to the Risk Assessment course materials Risk Assessment comes with 24/7 tutor support *** Course Curriculum of the Risk Assessment Course *** Module 01: Risk and Types of Risk Overview of various risks, including financial, operational, strategic, and compliance risks, and their potential impacts on businesses. Module 02: The Risk Evaluation Process Introduction to the process of evaluating risks, including identification, assessment, and prioritisation of risks. Module 03: Risk Analysis & Assessment Covers techniques for analysing and assessing risks, focusing on qualitative and quantitative methods. Module 04: Risk Assessment and Common Risks Discussion on conducting risk assessments and identifying common risks faced by organisations. Module 05: Introduction to Risk Management Provides a foundation in risk management, including key concepts, principles, and the importance of managing risks effectively. Module 06: Risk Management Process Detailed overview of the risk management process, from risk identification to monitoring and review. Module 07: Benefits of Risk Management Highlights the advantages of effective risk management, such as improved decision-making, reduced losses, and enhanced business resilience. Module 08: Enterprise Risk Management Explores enterprise risk management (ERM) frameworks and their application in managing risks across an organisation. Module 09: Managing Financial Risks Focuses on identifying and managing financial risks, including market, credit, and liquidity risks. Module 10: Managing Technology Risks Discusses strategies for managing technology risks, including cybersecurity, data protection, and IT system failures. Assessment Start your learning journey straight away with this Risk Assessment course and take a step toward a brighter future! The Risk Assessment course is designed to provide participants with a comprehensive understanding of the principles, methodologies, and techniques involved in effectively assessing and managing risks. In today's dynamic business environment, organisations face a wide range of risks that can have a significant impact on their operations, finances, and reputation. This Risk Assessment course equips learners with the knowledge and skills needed to identify, analyse, evaluate, and mitigate risks across various domains. CPD 10 CPD hours / points Accredited by CPD Quality Standards Module 1: Risk and Types of Risk 11:15 1: Risk and Types of Risk Preview 11:15 Module 2: The Risk Evaluation Process 20:16 2: The Risk Evaluation Process 20:16 Module 3: Risk Analysis & Assessment 15:04 3: Risk Analysis & Assessment 15:04 Module 4: Risk Assessment and Common Risks 11:31 4: Risk Assessment and Common Risks 11:31 Module 5: Introduction to Risk Management 13:06 5: Introduction to Risk Management 13:06 Module 6: Risk Management Process 08:38 6: Risk Management Process 08:38 Module 7: Benefits of Risk Management 08:47 7: Benefits of Risk Management 08:47 Module 8: Enterprise Risk Management 15:39 8: Enterprise Risk Management 15:39 Module 9: Managing Financial Risks 20:22 9: Managing Financial Risks 20:22 Module 10: Managing Technology Risks 14:04 10: Managing Technology Risks 14:04 Order Your Certificate 02:00 11: Order Your CPD Certificate 01:00 12: Order Your QLS Endorsed Certificate 01:00 Who is this course for? Risk Assessment This risk assessment course is available to all. So, if you are interested in learning more about this topic, enrol and start your learning journey now. Requirements Risk Assessment You don't need any prior knowledge or qualifications to join this risk assessment course. Career path Risk Assessment After the completion of this risk assessment course. Certificates Certificate Accredited by CPD Digital certificate - Included Cademy certificate of completion Digital certificate - Included Will be downloadable when all lectures have been completed Certificate Accredited by CPD Hard copy certificate - £29 If you are an international student, then you have to pay an additional 10 GBP as an international delivery charge.

Duration 5 Days 30 CPD hours This course is intended for Security Engineers, Security Administrators, Security Operations Specialists, Security Analysts, and Support Staff Overview The Palo Alto Networks Firewall 10.2 Essentials: Configuration and Management (EDU-210) course is five days of instructor-led training that will help you to: Configure and manage the essential features of Palo Alto Networks next-generation firewalls Configure and manage Security and NAT policies to enable approved traffic to and from zones Configure and manage Threat Prevention strategies to block traffic from known and unknown IP addresses, domains, and URLs Monitor network traffic using the interactive web interface and firewall reports Palo Alto Networks next-generation firewalls are architected to safely enable applications and prevent modern threats. Their approach identifies all network traffic based on applications, users, content and devices, and lets you express your business policies in the form of easy-to-understand security rules. Flexible deployment options and native integration with their next-generation security platform extend the policy enforcement and cyberthreat prevention to everywhere your users and data are located: in your network, on your endpoints and in the cloud. Palo Alto Networks next-generation firewalls are architected to safely enable applications and prevent modern threats. Their approach identifies all network traffic based on applications, users, content and devices, and lets you express your business policies in the form of easy-to-understand security rules. Flexible deployment options and native integration with their next-generation security platform extend the policy enforcement and cyberthreat prevention to everywhere your users and data are located: in your network, on your endpoints and in the cloud.

Duration 3 Days 18 CPD hours This course is intended for This course is intended for networking and security professionals involved in the administration and support of a security infrastructure using FortiGate appliances. Overview Monitor traffic passing through FortiGate Optimize FortiGate memory usage Diagnose using FortiGate tools such as the built-in sniffer and ''diagnose debug flow'' command Monitor statistics for user traffic, traffic shaping, user authentication, IPsec, web proxy, BGP, OSPF and HA Troubleshoot issues with conserve mode, high CPU, firewall policies, session helpers, user authentication, *IPsec, FortiGuard, UTM inspection, explicit web proxy, routing, and HA Describe the processing flow of FortiGate packet inspection Configure FortiGate for external BGP and OSPF This 3-day class provides more in-depth work with FortiGate infrastructure and architecture, combined with enhanced troubleshooting methods and tools to isolate and fix the most common issues in networks with FortiGate devices. Module 1: Security Fabric Configuring the Security Fabric Troubleshooting: Security Fabric Physical and logical topology views Module 2: FortiOS Architecture System information Module 3: System Troubleshooting Crash Logs Module 4: Traffic and Session Monitoring Exploring the session table Troubleshooting: Connectivity issues Module 5: Routing Failover of existing sessions Troubleshooting: Routing Module 6: FortiGuard Troubleshooting: Local FDS issue Troubleshooting: Rating lookups Module 7: Central Management FortiManager and registration Module 8: OSPF Configuring OSPF Troubleshooting: OSPF Module 9: Web Filtering and Antivirus Configuring Web Filtering and AV Troubleshooting: Web Filetering Troubleshooting: Antivirus Module 10: IPS Configuring IPS IPS custom signatures Module 11: BGP Configuring BGP Troubleshooting: BGHP neighbor Troubleshooting: BGP routing Configuring prefix lists Module 12: IPsec Troubleshooting: IPsec VPN Manager Module 13: Auto Discovery VPN Configuring ADVPN and IBGP Troubleshooting: OSPF and BGP' Additional course details: Nexus Humans Enterprise Firewall (NSE 7) training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the Enterprise Firewall (NSE 7) course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 4 Days 24 CPD hours This course is intended for This course is intended for security and network administrators who will be responsible for the installation, deployment, tuning, and day-to-day maintenance of the F5 Advanced Web Application Firewall. In this 4 day course, students are provided with a functional understanding of how to deploy, tune, and operate F5 Advanced Web Application Firewall to protect their web applications from HTTP-based attacks. The course includes lecture, hands-on labs, and discussion about different F5 Advanced Web Application Firewall tools for detecting and mitigating threats from multiple attack vectors such web scraping, Layer 7 Denial of Service, brute force, bots, code injection, and zero day exploits. Module 1: Setting Up the BIG-IP System Introducing the BIG-IP System Initially Setting Up the BIG-IP System Archiving the BIG-IP System Configuration Leveraging F5 Support Resources and Tools Module 2: Traffic Processing with BIG-IP Identifying BIG-IP Traffic Processing Objects Overview of Network Packet Flow Understanding Profiles Overview of Local Traffic Policies Visualizing the HTTP Request Flow Module 3: Web Application Concepts Overview of Web Application Request Processing Web Application Firewall: Layer 7 Protection F5 Advanced WAF Layer 7 Security Checks Overview of Web Communication Elements Overview of the HTTP Request Structure Examining HTTP Responses How F5 Advanced WAF Parses File Types, URLs, and Parameters Using the Fiddler HTTP Proxy Module 4: Common Web Application Vulnerabilities A Taxonomy of Attacks: The Threat Landscape What Elements of Application Delivery are Targeted? Common Exploits Against Web Applications Module 5: Security Policy Deployment Defining Learning Comparing Positive and Negative Security Models The Deployment Workflow Policy Type: How Will the Policy Be Applied Policy Template: Determines the Level of Protection Policy Templates: Automatic or Manual Policy Building Assigning Policy to Virtual Server Deployment Workflow: Using Advanced Settings Selecting the Enforcement Mode The Importance of Application Language Configure Server Technologies Verify Attack Signature Staging Viewing Requests Security Checks Offered by Rapid Deployment Defining Attack Signatures Using Data Guard to Check Responses Module 6: Policy Tuning and Violations Post-Deployment Traffic Processing Defining Violations Defining False Positives How Violations are Categorized Violation Rating: A Threat Scale Defining Staging and Enforcement Defining Enforcement Mode Defining the Enforcement Readiness Period Reviewing the Definition of Learning Defining Learning Suggestions Choosing Automatic or Manual Learning Defining the Learn, Alarm and Block Settings Interpreting the Enforcement Readiness Summary Configuring the Blocking Response Page Module 7: Attack Signatures & Threat Campaigns Defining Attack Signatures Attack Signature Basics Creating User-Defined Attack Signatures Defining Simple and Advanced Edit Modes Defining Attack Signature Sets Defining Attack Signature Pools Understanding Attack Signatures and Staging Updating Attack Signatures Defining Threat Campaigns Deploying Threat Campaigns Module 8: Positive Security Policy Building Defining and Learning Security Policy Components Defining the Wildcard Defining the Entity Lifecycle Choosing the Learning Scheme How to Learn: Never (Wildcard Only) How to Learn: Always How to Learn: Selective Reviewing the Enforcement Readiness Period: Entities Viewing Learning Suggestions and Staging Status Violations Without Learning Suggestions Defining the Learning Score Defining Trusted and Untrusted IP Addresses How to Learn: Compact Module 9: Cookies and Other Headers F5 Advanced WAF Cookies: What to Enforce Defining Allowed and Enforced Cookies Configuring Security Processing on HTTP headers Module 10: Reporting and Logging Overview: Big Picture Data Reporting: Build Your Own View Reporting: Chart based on filters Brute Force and Web Scraping Statistics Viewing F5 Advanced WAF Resource Reports PCI Compliance: PCI-DSS 3.0 The Attack Expert System Viewing Traffic Learning Graphs Local Logging Facilities and Destinations How to Enable Local Logging of Security Events Viewing Logs in the Configuration Utility Exporting Requests Logging Profiles: Build What You Need Configuring Response Logging Module 11: Lab Project 1 Lab Project 1 Module 12: Advanced Parameter Handling Defining Parameter Types Defining Static Parameters Defining Dynamic Parameters Defining Dynamic Parameter Extraction Properties Defining Parameter Levels Other Parameter Considerations Module 13: Automatic Policy Building Overview of Automatic Policy Building Defining Templates Which Automate Learning Defining Policy Loosening Defining Policy Tightening Defining Learning Speed: Traffic Sampling Defining Track Site Changes Lesson 14: Web Application Vulnerability Scanner Integration Integrating Scanner Output Importing Vulnerabilities Resolving Vulnerabilities Using the Generic XML Scanner XSD file Lesson 15: Deploying Layered Policies Defining a Parent Policy Defining Inheritance Parent Policy Deployment Use Cases Lesson 16: Login Enforcement and Brute Force Mitigation Defining Login Pages for Flow Control Configuring Automatic Detection of Login Pages Defining Session Tracking Brute Force Protection Configuration Source-Based Brute Force Mitigations Defining Credentials Stuffing Mitigating Credentials Stuffing Lesson 17: Reconnaissance with Session Tracking Defining Session Tracking Configuring Actions Upon Violation Detection Lesson 18: Layer 7 DoS Mitigation Defining Denial of Service Attacks Defining the DoS Protection Profile Overview of TPS-based DoS Protection Creating a DoS Logging Profile Applying TPS Mitigations Defining Behavioral and Stress-Based Detection Lesson 19: Advanced Bot Protection Classifying Clients with the Bot Defense Profile Defining Bot Signatures Defining Proactive Bot Defense Defining Behavioral and Stress-Based Detection Defining Behavioral DoS Mitigation Lesson 20: Form Encryption using DataSafe Targeting Elements of Application Delivery Exploiting the Document Object Model Protecting Applications Using DataSafe The Order of Operations for URL Classification Lesson 21: Review and Final Labs Review and Final Labs

Duration 3 Days 18 CPD hours This course is intended for Security Engineers, Security Administrators, Security Operations Specialists, Security Analysts, Network Engineers, and Support Staff Overview The Palo Alto Networks Firewall 11.0: Troubleshooting course is three days of instructor-led training that will help you: Investigate networking issues using firewall tools including the CLI Follow proven troubleshooting methodologies specific to individual features Analyze advanced logs to resolve various real-life scenarios Solve advanced, scenario-based challenges Palo Alto Networks next-generation firewalls are architected to safely enable applications and prevent modern threats. Their approach identifies all network traffic based on applications, users, content and devices, and lets you express your business policies in the form of easy-to-understand security rules. Flexible deployment options and native integration with their next-generation security platform extend the policy enforcement and cyberthreat prevention to everywhere your users and data are located: in your network, on your endpoints and in the cloud. Course Outline Module 1 - Tools and Resources Module 2 - CLI Primer Module 3 - Flow Logic Module 4 - Packet Captures Module 5 - Packet-Diagnostics Logs Module 6 - Host-Inbound Traffic Module 7 - Transit Traffic Module 8 - System Services Module 9 - Certificate Management and SSL Decryption Module 10 - User-ID Module 11 - GlobalProtect Module 12 - Support Escalation and RMAs Module 13 - Next Steps

Duration 2 Days 12 CPD hours This course is intended for Security Administrators, Security Operations Specialists, Security Analysts, Security Engineers, and Security Architects Overview The Palo Alto Networks Panorama 11.0: Managing Firewalls at Scale (EDU-220) course is two days of instructor-led training that should help you: Learn how to configure and manage the next-generation Panorama management server Gain experience configuring templates (including template variables) and device groups Gain experience with administration, log collection, and logging and reporting Become familiar with planning and design considerations for Panorama deployment This course should help students to gain in-depth knowledge about how to configure and manage their Palo Alto Networks Panorama management server. Administrators that complete this course should become familiar with the Panorama management server?s role in managing and securing their overall network. Network professionals will be shown how to use Panorama aggregated reporting to provide them with a holistic view of a network of Palo Alto Networks next-generation firewalls.Learn how to configure and manage the next-generation Panorama? management server. Course Outline Module 1 - Initial Configuration Module 2 - Adding Firewalls Module 3 - Templates Module 4 - Device Groups Module 5 - Log Collection and Forwarding Module 6 - Using Panorama Logs Module 7 - Panorama Administrative Accounts Module 8 - Reporting Module 9 - Troubleshooting

Imagine yourself at a bustling construction site, surrounded by roaring machinery and a sea of vehicles. The chaos seems overwhelming, but amidst it all stands a confident figure, a Traffic Marshal. With a wave of their hand and a calm presence, they bring order to the frenzy, ensuring safety and efficient traffic flow. Have you ever wondered how you could be that hero, the one who keeps everything moving smoothly? Look no further than our captivating course, Traffic Marshal, where you'll learn the skills needed to become a master of traffic control in real-life scenarios. Learning Outcome: The Traffic Marshal course empowers individuals with the expertise to manage traffic effectively and ensure safety. By the end of the course, you will: Develop expertise in traffic management and control techniques, becoming a confident Traffic Marshal. Understand the principles of temporary traffic control in various scenarios, optimising the flow of vehicles. Acquire skills in vehicle signalling and managing reversing vehicles, ensuring smooth and efficient traffic flow. Perform effective traffic risk assessments to identify and address potential hazards, prioritising safety. Apply health and safety practices in traffic management situations, maintaining a secure environment for all. The Traffic Marshal course offers a comprehensive curriculum that equips individuals with the skills and knowledge to become masters of traffic control. In Module 01, you'll be introduced to the fundamentals of traffic marshalling, learning the core principles of this critical role. Module 02 delves deeper into traffic management techniques, equipping you with strategies to optimise traffic flow. Module 03 focuses on temporary traffic control, providing insights into handling diverse situations like roadworks and events. Vehicle signalling and managing reversing vehicles are covered in Module 05 and Module 06, respectively. Throughout the Traffic Marshal course, emphasis is placed on performing traffic risk assessments and applying health and safety practices in traffic management scenarios. Embark on the Traffic Marshal course to unlock exciting career opportunities and become a skilled professional in traffic management and control. Enrol now and join the ranks of confident Traffic Marshals who ensure the safe and smooth flow of vehicles on the roads. Certification Upon completion of the course, learners can obtain a certificate as proof of their achievement. You can receive a £4.99 PDF Certificate sent via email, a £9.99 Printed Hardcopy Certificate for delivery in the UK, or a £19.99 Printed Hardcopy Certificate for international delivery. Each option depends on individual preferences and locations. CPD 10 CPD hours / points Accredited by CPD Quality Standards Who is this course for? This Traffic Marshal course is intended for - Individuals seeking a rewarding career in traffic management and control. Construction workers and site supervisors responsible for ensuring traffic safety. Anyone interested in enhancing their knowledge of Traffic Marshal practices. Career path This Traffic Marshal course can assist you in various career paths. Such as - Traffic Marshal: £18,000 - £25,000 per year Traffic Supervisor: £25,000 - £35,000 per year Traffic Control Manager: £30,000 - £45,000 per year Health and Safety Officer: £25,000 - £40,000 per year Construction Site Traffic Marshal: £35,000 - £55,000 per year

Duration 3 Days 18 CPD hours This course is intended for Experienced system administrators and network administrators Overview By the end of the course, you should be able to meet the following objectives: Describe the NSX Advanced Load Balancer architecture, components, and main functions Explain the key features and benefits of NSX Advanced Load Balancer Explain and configure local load-balancing constructs such as virtual services, pools, health monitors, and related components Recognize web application breaches and threats Recognize multiple attack vectors such as web scraping, Layer 7 Denial of Service, brute force, and code injections Explain the components of NSX Advanced Load Balancer WAF that build a security pipeline to protect a web application from being attacked Describe how to configure the NSX Advanced Load Balancer WAF components Describe an NSX Advanced Load Balancer WAF operational task such as setting up an application with WAF, tuning the WAF Policy, and working with logs and analytics Explain the NSX Advanced Load Balancer WAF best practices for on-boarding a web application; configuring WAF settings for effective application security Explain how to size the NSX Advanced Load Balancer WAF data plane Explain the WAF Application learning feature, configuration of Application learning, Virtual Patching concepts, common caveats, and troubleshooting while deploying in any environment Recognize NSX Advanced Load Balancer Cloud Services that include threat Intelligence services Describe the Threat Intelligence service provided by NSX Advanced Load Balancer WAF and how the NSX Advanced Load Balancer WAF Threat Intelligence service receives live security threat feed for multiple attack vectors from Cloud Services (formerly Avi Pulse) Describe the NSX Advanced Load Balancer DataScript capabilities for detecting and defending against advance and zero-day attacks. Discuss the relevant NSX Advanced Load Balancer WAF logs and perform basic troubleshooting of applications that are protected by NSX Advanced Load Balancer WAF Explain the NSX Advanced Load Balancer WAF capability to protect Personally Identifiable Information (PII) This three-day course provides comprehensive training to install, configure, and manage a VMware NSX Advanced Load Balancer Web Application Firewall (WAF) solution. This course covers key NSX Advanced Load Balancer WAF features and functionality offered in the NSX Advanced Load Balancer 22.1.3 release for web security and application attack protection. Features include security pipeline, application learning, policy tuning, false positive mitigation, virtual patching, threat intelligence, troubleshooting, logs, analytics, and solution monitoring. Hands-on labs provide access to an NSX Advanced Load Balancer environment to reinforce the skills and concepts presented in the course. Course Introduction Introduction and course logistics Course objectives Introduction to NSX Advanced Load Balancer Illustrate NSX Advanced Load Balancer Explain NSX Advanced Load Balancer architecture and components Describe control plane clustering and high availability Describe data plane high availability mode Understand the common terminologies used with NSX Advanced Load Balancer Explain the NSX Advanced Load Balancer service elements Explain virtual service components and how to configure a virtual service Explain application profiles and network profiles Explain the pool configuration options and how to configure a pool Explain the available load-balancing algorithms Explain and configure SSL profiles and certificates Explain cloud connectors and cloud connector integration modes Explain multiple health monitor types Understand client logs Introduction to Application Security Understand web application security breaches and the implication of breaches Explain common terminologies related to Web Application Security Understand the different teams involved to secure applications Attacking Web Applications Understand the various web application security testing methodologies Understand the OWASP Top 10 vulnerabilities Understand the tools to generate a web application attack Describe a few types of web application attacks Types of Transport Understand different web traffic transport modes Describe web traffic and API traffic NSX Advanced Load Balancer WAF Components Understand the core design principles of NSX Advanced Load Balancer WAF Describe the NSX Advanced Load Balancer WAF components that build the WAF security pipeline Understand the NSX Advanced Load Balancer WAF configuration objects NSX Advanced Load Balancer WAF Operations Examine how to set up an application with WAF Describe considerations for the WAF policy Work with WAF logs and analytics Describe WAF policy tuning Describe the options available to remediate false positive mitigation NSX Advanced Load Balancer WAF Best Practices Describe technical and application considerations for onboarding an application front ended by WAF Describe best practices to remediate false positive mitigation. Describe how to manage a response from a back-end application server and client upload to the application server Describe the consideration for setting the rigidity of a WAF signature rule set Describe the options available to identify client traffic NSX Advanced Load Balancer WAF Sizing Understand how to do WAF data plane sizing in Greenfield and Brownfield deployments NSX Advanced Load Balancer WAF Custom Rules Understand WAF custom rules Describe the need and recommendation for custom rules Describe ModSecurity rules Understand the ModSecurity rule structure and explain how to construct the rule Analyze a sample custom rule for the use-case scenario for in-depth understanding of a custom rule NSX Advanced Load Balancer WAF Application Learning Understand the significance of Application Learning Explain the Positive Security Model architecture Describe the WAF multifaceted Application Learning technique to build an application model for creating positive security rules Describe how to view the data that is learned by the Application learning module Describe the WAF Virtual Patching technique to construct a WAF policy from Dynamic Application Security Testing (DAST) scanner results Understand the conditions for sharing WAF Learning Data and PSM Group in WAF Policy. Malware Protection Through ICAP in NSX Advanced Load Balancer Understand Malicious File Upload Protection and ICAP workflow Describe ICAP configuration and log analytics NSX Advanced Load Balancer IP Reputation Understand IP Reputation concepts and their integration with NSX Advanced Load Balancer Describe IP Reputation configuration, log analytics, and troubleshooting DataScript for Application Security Describe DataScript events and reference Describe application security using DataScript Explain how to troubleshoot DataScript issues Rate Limiting and DOS Describe and configure the NSX Advanced Load Balancer rate limiter technique Describe protection from denial of service (DoS) attacks and distributed DoS (DDoS) attacks in NSX Advanced Load Balancer Explain the Service Engine general advice and guidance for DDOS Bot Management Understand Bots Describe the Bot Management mechanism in NSX Advanced Load Balancer Describe how to configure NSX Advanced Load Balancer Bot Management Managing Personally Identifiable Information in NSX Advanced Load Balancer Understand Personally Identifiable Information (PII) Understand the scope of managing PII in NSX Advanced Load Balancer Describe how to configure the hidden PII in NSX Advanced Load Balancer logs using profiles and WAF rules. Threat Intelligence Introduce the Threat Intelligence service Describe the Threat Intelligence live security threat feed for multiple attack vectors Describe how to configure Threat Intelligence in NSX Advanced Load Balancer Application Programming Interface Security Define Application Programming Interface (API) Security Understand API authentication and authorization using virtual service authentication mechanisms used for a virtual service such as LDAP, SAML, JSON Web Token, and OAUTH Understand API Rate Limiting in NSX Advanced Load Balancer Understand the NSX Advanced Load Balancer WAF Protection for API Additional course details:Notes Delivery by TDSynex, Exit Certified and New Horizons an VMware Authorised Training Centre (VATC) Nexus Humans VMware NSX Advanced Load Balancer: Web Application Firewall Security [V22.x] training program is a workshop that presents an invigorating mix of sessions, lessons, and masterclasses meticulously crafted to propel your learning expedition forward. This immersive bootcamp-style experience boasts interactive lectures, hands-on labs, and collaborative hackathons, all strategically designed to fortify fundamental concepts. Guided by seasoned coaches, each session offers priceless insights and practical skills crucial for honing your expertise. Whether you're stepping into the realm of professional skills or a seasoned professional, this comprehensive course ensures you're equipped with the knowledge and prowess necessary for success. While we feel this is the best course for the VMware NSX Advanced Load Balancer: Web Application Firewall Security [V22.x] course and one of our Top 10 we encourage you to read the course outline to make sure it is the right content for you. Additionally, private sessions, closed classes or dedicated events are available both live online and at our training centres in Dublin and London, as well as at your offices anywhere in the UK, Ireland or across EMEA.

Duration 2 Days 12 CPD hours This course is intended for This course is intended for network operators, network administrators, network engineers, network architects, security administrators, and security architects responsible for installation, setup, configuration, and administration of the BIG-IP AFM system. This course uses lectures and hands-on exercises to give participants real-time experience in setting up and configuring the BIG-IP Advanced Firewall Manager (AFM) system. Students are introduced to the AFM user interface, stepping through various options that demonstrate how AFM is configured to build a network firewall and to detect and protect against DoS (Denial of Service) attacks. Reporting and log facilities are also explained and used in the course labs. Further Firewall functionality and additional DoS facilities for DNS and SIP traffic are discussed. Module 1: Setting Up the BIG-IP System Introducing the BIG-IP System Initially Setting Up the BIG-IP System Archiving the BIG-IP System Configuration Leveraging F5 Support Resources and Tools Module 2: AFM Overview AFM Overview AFM Availability AFM and the BIG-IP Security Menu Packet Processing Rules and Direction Rules Contexts and Processing Inline Rule Editor Module 3: Network Firewall AFM Firewalls Contexts Modes Packet Processing Rules and Direction Rules Contexts and Processing Inline Rule Editor Configuring Network Firewall Network Firewall Rules and Policies Network Firewall Rule Creation Identifying Traffic by Region with Geolocation Identifying Redundant and Conflicting Rules Identifying Stale Rules Prebuilding Firewall Rules with Lists and Schedules Rule Lists Address Lists Port Lists Schedules Network Firewall Policies Policy Status and Management Other Rule Actions Redirecting Traffic with Send to Virtual Checking Rule Processing with Packet Tester Examining Connections with Flow Inspector Module 4: Logs Event Logs Logging Profiles Limiting Log Messages with Log Throttling Enabling Logging in Firewall Rules BIG-IP Logging Mechanisms Log Publisher Log Destination Filtering Logs with the Custom Search Facility Logging Global Rule Events Log Configuration Changes QKView and Log Files SNMP MIB SNMP Traps Module 5: IP Intelligence Overview Feature 1 Dynamic White and Black Lists Black List Categories Feed Lists IP Intelligence Policies IP Intelligence Log Profile IP Intelligence Reporting Troubleshooting IP Intelligence Lists Feature 2 IP Intelligence Database Licensing Installation Configuration Troubleshooting IP Intelligence iRule Module 6: DoS Protection Denial of Service and DoS Protection Overview Device DoS Protection Configuring Device DoS Protection Variant 1 DoS Vectors Variant 2 DoS Vectors Automatic Threshold Configuration Variant 3 DoS Vectors Device DoS Profiles DoS Protection Profile Dynamic Signatures Dynamic Signatures Configuration DoS iRules Module 7: Reports AFM Reporting Facilities Overview Examining the Status of Particular AFM Features Exporting the Data Managing the Reporting Settings Scheduling Reports Examining AFM Status at High Level Mini Reporting Windows (Widgets) Building Custom Widgets Deleting and Restoring Widgets Dashboards Module 8: DoS White Lists Bypassing DoS Checks with White Lists Configuring DoS White Lists tmsh options Per Profile Whitelist Address List Module 9: DoS Sweep Flood Protection Isolating Bad Clients with Sweep Flood Configuring Sweep Flood Module 10: IP Intelligence Shun Overview Manual Configuration Dynamic Configuration IP Intelligence Policy tmsh options Extending the Shun Feature Route this Traffic to Nowhere - Remotely Triggered Black Hole Route this Traffic for Further Processing - Scrubber Module 11: DNS Firewall Filtering DNS Traffic with DNS Firewall Configuring DNS Firewall DNS Query Types DNS Opcode Types Logging DNS Firewall Events Troubleshooting Module 12: DNS DoS Overview DNS DoS Configuring DNS DoS DoS Protection Profile Device DoS and DNS Module 13: SIP DoS Session Initiation Protocol (SIP) Transactions and Dialogs SIP DoS Configuration DoS Protection Profile Device DoS and SIP Module 14: Port Misuse Overview Port Misuse and Service Policies Building a Port Misuse Policy Attaching a Service Policy Creating a Log Profile Module 15: Network Firewall iRules Overview iRule Events Configuration When to use iRules More Information Module 16: Recap BIG-IP Architecture and Traffic Flow AFM Packet Processing Overview