Close
DANH SÁCH KHÓA HỌC / COURSE BY TECHNOLOGY VENDORS / VMWARE

VMware NSX Advanced Load Balancer: Web Application Firewall Security [V22.x]

Tóm tắt khóa học:

Khóa học kéo dài ba ngày này cung cấp khóa đào tạo toàn diện để cài đặt, cấu hình và quản lý giải pháp Tường lửa ứng dụng web (WAF) VMware NSX Advanced Load Balancer. Khóa học này bao gồm các tính năng và chức năng chính của WAF NSX Advanced Load Balancer được cung cấp trong bản phát hành NSX Advanced Load Balancer 22.1.3 để bảo mật web và bảo vệ ứng dụng khỏi các cuộc tấn công. Các tính năng bao gồm đường ống bảo mật, học ứng dụng, điều chỉnh chính sách, giảm thiểu dương tính giả, vá lỗi ảo, thông tin tình báo về mối đe dọa, khắc phục sự cố, nhật ký, phân tích và giám sát giải pháp. Các phòng thí nghiệm thực hành cung cấp quyền truy cập vào môi trường NSX Advanced Load Balancer để củng cố các kỹ năng và khái niệm được trình bày trong khóa học.

Thời lượng khóa học: 3 Ngày


Nội dung khóa học:

1 Course Introduction

  • Introduction and course logistics
  • Course objectives

2 Introduction to NSX Advanced Load Balancer

  • Illustrate NSX Advanced Load Balancer
  • Explain NSX Advanced Load Balancer architecture and components
  • Describe control plane clustering and high availability
  • Describe the data plane high-availability mode
  • Review the common terminologies used with NSX Advanced Load Balancer
  • Explain the NSX Advanced Load Balancer service elements
  • Explain the virtual service components and how to configure a virtual service
  • Explain application profiles and network profiles
  • Explain the pool configuration options and how to configure a pool
  • Explain the available load-balancing algorithms
  • Explain and configure SSL profiles and certificates
  • Explain cloud connectors and cloud connector integration modes
  • Explain multiple health monitor types
  • Discuss client logs

3 Introduction to Application Security

  • Discuss web application security breaches and the implication of breaches
  • Explain common terminologies related to Web Application Security
  • Discuss the different teams involved to secure applications

4 Attacking Web Applications

  • Discuss the various web application security testing methodologies
  • Explain the OWASP Top 10 vulnerabilities
  • Discuss the tools to generate a web application attack
  • Describe a few types of web application attacks

5 Types of Transport

  • Review different web traffic transport modes
  • Describe web traffic and API traffic

6 NSX Advanced Load Balancer WAF Components

  • Describe the NSX Advanced Load Balancer WAF components that build the WAF security pipeline
  • Explain the NSX Advanced Load Balancer WAF configuration objects

7 NSX Advanced Load Balancer WAF Application Learning

  • Explain the significance of Application Learning
  • Explain the Positive Security Model architecture
  • Describe the WAF multifaceted Application Learning technique to build an application model for creating positive security rules
  • Describe how to view the data that is learned by the Application learning module
  • Describe the WAF Virtual Patching technique to construct a WAF policy from Dynamic Application Security Testing (DAST) scanner results
  • Discuss the conditions for sharing WAF Learning Data and PSM Group in WAF Policy

8 NSX Advanced Load Balancer WAF Best Practices

  • Describe technical and application considerations for onboarding an application front ended by WAF
  • Describe best practices to remediate false positive mitigation
  • Describe how to manage a response from a back-end application server and client upload to the application server
  • Describe the consideration for setting the rigidity of a WAF signature rule set
  • Describe the options available to identify client traffic

9 NSX Advanced Load Balancer WAF Operations

  • Examine how to set up an application with WAF
  • Describe considerations for the WAF policy
  • Work with WAF logs and analytics
  • Describe WAF policy tuning
  • Describe the options available to remediate false positive mitigation

10 NSX Advanced Load Balancer WAF Custom Rules

  • Explain WAF custom rules
  • Describe the need and recommendation for custom rules
  • Describe ModSecurity rules
  • Discuss the ModSecurity rule structure and explain how to construct the rule
  • Analyze a sample custom rule use-case scenario

11 NSX Advanced Load Balancer WAF Sizing

  • Discuss how to do WAF data plane sizing in Greenfield and Brownfield deployments

12 IP Reputation Service Administration in NSX Advanced Load Balancer

  • Explain IP Reputation concepts and their integration with NSX Advanced Load Balancer
  • Describe IP Reputation configuration, log analytics, and troubleshooting

13 NSX Advanced Load Balancer DataScript for Application Security

  • Describe DataScript events and reference
  • Describe application security using DataScript
  • Explain how to troubleshoot DataScript errors

14 Rate Limiting and DDOS protection in NSX Advanced Load Balancer

  • Describe and configure the NSX Advanced Load Balancer rate limiter technique
  • Describe protection from denial of service (DoS) attacks and distributed DoS (DDoS) attacks in NSX Advanced Load Balancer
  • Explain the Service Engine general advice and guidance for DDOS

15 Bot Management in NSX Advanced Load Balancer

  • Explain Bots
  • Describe the Bot Management mechanism in NSX Advanced Load Balancer
  • Describe how to configure NSX Advanced Load Balancer Bot Management

16 Handling Personally Identifiable Information in NSX Advanced Load Balancer

  • Explain Personally Identifiable Information (PII)
  • Discuss the scope of managing PII in NSX Advanced Load Balancer
  • Describe how to configure the hidden PII in NSX Advanced Load Balancer logs using profiles and WAF rules

17 Threat Intelligence Services

  • Introduce the Threat Intelligence service
  • Describe the Threat Intelligence live security threat feed for multiple attack vectors
  • Describe how to configure Threat Intelligence in NSX Advanced Load Balancer

18 Malware Protection with ICAP in NSX Advanced Load Balancer

  • Discuss malicious file upload protection and ICAP workflow
  • Describe ICAP configuration and log analytics

19 Application Programming Interface Security

  • Define API Security
  • Recognize API authentication and authorization using virtual service authentication mechanisms used for a virtual service such as LDAP, SAML, JSON Web Token, and OAUTH
  • Recognize API rate limiting in NSX Advanced Load Balancer
  • Recognize the NSX Advanced Load Balancer WAF Protection for API