F5 Advanced WAF (PAYG, 1GBPS) Getting Started Guide
In cooperation with
The F5 Advanced WAF provides comprehensive protection for websites, mobile apps, and APIs against a range of threats, including the OWASP Top 10 and code-level vulnerabilities, with integrated threat intelligence. It also protects applications against automated malicious bot attacks and provides encryption for form field data to protect against credential and other sensitive data theft. Behavioral analytics and machine learning provide highly accurate Layer 7 DoS detection and mitigation.
Subscribing to F5 Advanced WAF
Step 1 Locate F5 Advanced WAF in AWS Marketplace. Select the Continue to Subscribe button.
Step 2 Accept the terms on the next page and click the Continue to Configuration button.
Part 1 complete
Part 2: Demonstration Guide for F5 Advanced WAF
Steps 1 - 2 of 26
Step 1 You can then locate the F5 Advanced WAF in your AWS dashboard.
Step 2 From the drop-down menu, select Launch new instance.
Steps 3 - 4 of 26
Step 3 Select the Continue to launch through EC2 button.
Step 4 Select your instance type and select the Configure Instance Details button at the bottom of the page.
Steps 5 - 6 of 26
Step 5 Select the appropriate VPC.
Step 6 Review the EC2 information and select the Launch button.
Steps 7 - 8 of 26
Step 7 Select the Key Pair and choose the Launch Instances button to launch your EC2 instance.
Step 8 Copy the BIG-IP instance hostname and access the instance through the browser.
Steps 9 - 10 of 26
Step 9 Paste the BIG-IP instance hostname in the browser.
Step 10 Log in to the page.
Steps 11 - 12 of 26
Step 11 You will see the main dashboard.
Step 12 Select Resource Provisioning on the left side and set the ASM (Application Security Module) and FPS (Fraud Protection Services) modules to Nominal. Note: WAF, BOT, and DOS functionality require the ASM module, and DataSafe requires the FPS module.
Steps 13 - 14 of 26
Step 13 You can use guided configuration to set up WAF, BOT, and DOS protection.
Step 14 Configure the virtual server (VS).
Steps 15 - 16 of 26
Step 15 Enable the extra feature called Evasion technique detected.
Step 16 Now, if you attempt a Directory Traversal attack, you will receive an error message back.
Steps 17 - 18 of 26
Step 17 If you navigate to the Event Logs, you will see the evasion technique was detected.
Step 18 On the left side, select Security, then Data Protection to access the DataSafe configuration menu. Note: DataSafe is used to encrypt form field data.
Steps 19 - 20 of 26
Step 19 Select the URL List tab to add the URL.
Step 20 Add the URL as: /user/login
Steps 21 - 22 of 26
Step 21 Select the Parameters tab and then set the username and password parameters.
Step 22 If you enter the username, it is now encrypted.
Steps 23 - 24 of 26
Step 23 You can set a Bot defense policy.
Step 24 If you generate a bot-like request, you will notice the request is blocked.
Steps 25 - 26 of 26
Step 25 Navigate to the Event Logs to see more information on the bot attack.
Step 26 Navigate to the OWASP Top 10 dashboard, which allows you to easily see where additional controls are needed.
Part 2 complete
Thank you. For more information, visit https://amzn.to/2q4k6zS