Login / Register

Shopping cart

F5 Configuring BIG-IP Advanced WAF: Web Application Firewall

Category:

Last Update:

July 16, 2026

Accredited by:

Course Objectives

  • Describe the role of the BIG-IP system as a full proxy device in an application delivery network.

  • Provision the F5 Advanced Web Application Firewall.

  • Define a web application firewall.

  • Describe how F5 Advanced Web Application Firewall protects a web application by securing file types, URLs, and parameters.

  • Deploy F5 Advanced Web Application Firewall using the Rapid Deployment template (and other templates) and define the security checks included in each.

  • Define learn, alarm, and block settings as they pertain to configuring F5 Advanced Web Application Firewall.

  • Define attack signatures and explain why attack signature staging is important.

  • Deploy Threat Campaigns to secure against CVE threats.

  • Contrast positive and negative security policy implementation and explain benefits of each.

  • Configure security processing at the parameter level of a web application.

  • Deploy F5 Advanced Web Application Firewall using the Automatic Policy Builder.

  • Tune a policy manually or allow automatic policy building.

  • Integrate third party application vulnerability scanner output into a security policy.

  • Configure login enforcement for flow control.

  • Mitigate credential stuffing.

  • Configure protection against brute force attacks.

  • Deploy Advanced Bot Defense against web scrapers, all known bots, and other automated agents.

  • Deploy DataSafe to secure client-side data.

Course Topics

  • Resource provisioning for F5 Advanced Web Application Firewall

  • Traffic processing with BIG-IP Local Traffic Manager (LTM)

  • Web application concepts

  • Mitigating the OWASP Top 10 and other vulnerabilities

  • Security policy deployment

  • Security policy tuning

  • Deploying Attack Signatures and Threat Campaigns

  • Positive security building

  • Securing cookies and other headers

  • Reporting and logging

  • Advanced parameter handling

  • Using Automatic Policy Builder

  • Integrating with web vulnerability scanners

  • Login enforcement for flow control

  • Brute force and credential stuffing mitigation

  • Session tracking for client reconnaissance

  • Using Parent and Child policies

  • Layer 7 DoS protection

  • Transaction Per Second-based DoS protection

  • Layer 7 Behavioral DoS Protection

  • Configuring Advanced Bot Defense

  • Web Scraping and other Microservice Protection

  • Working with Bot Signatures

  • Using Datasafe to Secure the client side of the Document Object Model

Target Audience

This course is intended for SecOps personnel responsible for the deployment, tuning, and day-to-day maintenance of F5 Adv. WAF. Participants will obtain a functional level of expertise with F5 Advanced WAF, including comprehensive security policy and profile configuration, client assessment, and appropriate mitigation types.

Prerequisites

There are no F5-technology-specific prerequisites for this course. However, completing the following before attending would be very helpful for students with limited BIG-IP administration and configuration experience:

  • Administering BIG-IP instructor-led course, or

  • F5 Certified BIG-IP Administrator

Training Content

  • Chapter 1: Setting Up the BIG-IP System

  • Chapter 2: Traffic Processing with BIG-IP

  • Chapter 3: Web Application Concepts

  • Chapter 4: Web Application Vulnerabilities

  • Chapter 5: Security Policy Deployment

  • Chapter 6: Policy Tuning and Violations

  • Chapter 7: Attack Signatures and Threat Campaigns

  • Chapter 8: Positive Security Policy Building

  • Chapter 9: Securing Cookies and Other Headers

  • Chapter 10: Visual Reporting and Logging

  • Chapter 11: Lab Project 1

  • Chapter 12: Advanced Parameter Handling

  • Chapter 13: Automatic Policy Building

  • Chapter 14: Web Application Vulnerability Scanner Integration

  • Chapter 15: Deploying Layered Policies

  • Chapter 16: Login Enforcement and Brute Force Mitigation

  • Chapter 17: Reconnaissance with Session Tracking

  • Chapter 18: Layer 7 DoS Mitigation

  • Chapter 19: Advanced Bot Defense

  • Chapter 20: Form Encryption using DataSafe

  • Chapter 21: Review and Final Labs

Price From:

RM20,900.00

Enquire for More Info

Courses You May Like

CERTIFICATION

5 Days

Advanced

RM5,500.00

CERTIFICATION

2 Days

Intermediate

RM8,500.00

CERTIFICATION

5 Days

Fundamental

RM3,500.00

CERTIFICATION