VMware NSX Advanced Load Balancer: Web Application Firewall Security [V22.x] Cou

About

Course Outline

Audience

Prerequisites

This three-day course provides comprehensive training to install, configure, and manage a VMware NSX Advanced Load Balancer Web Application Firewall (WAF) solution. This course covers key NSX Advanced Load Balancer WAF features and functionality offered in the NSX Advanced Load Balancer 22.1.3 release for web security and application attack protection. Features include security pipeline, application learning, policy tuning, false positive mitigation, virtual patching, threat intelligence, troubleshooting, logs, analytics, and solution monitoring. Hands-on labs provide access to an NSX Advanced Load Balancer environment to reinforce the skills and concepts presented in the course.

star

star_half

* Actual course outline may vary depending on offering center. Contact your sales representative for more information.

Learning Objectives

By the end of the course, you should be able to meet the following objectives:
Describe the NSX Advanced Load Balancer architecture, components, and main functions
Explain the key features and benefits of NSX Advanced Load Balancer
Explain and configure local load-balancing constructs such as virtual services, pools, health monitors, and related components
Recognize web application breaches and threats
Recognize multiple attack vectors such as web scraping, Layer 7 Denial of Service, brute force, and code injections
Explain the components of NSX Advanced Load Balancer WAF that build a security pipeline to protect a web application from being attacked
Describe how to configure the NSX Advanced Load Balancer WAF components
Describe an NSX Advanced Load Balancer WAF operational task such as setting up an application with WAF, tuning the WAF Policy, and working with logs and analytics
Explain the NSX Advanced Load Balancer WAF best practices for on-boarding a web application; configuring WAF settings for effective application security
Explain how to size the NSX Advanced Load Balancer WAF data plane
Explain the WAF Application learning feature, configuration of Application learning, Virtual Patching concepts, common caveats, and troubleshooting while deploying in any environment
Recognize NSX Advanced Load Balancer Cloud Services that include threat Intelligence services
Describe the Threat Intelligence service provided by NSX Advanced Load Balancer WAF and how the NSX Advanced Load Balancer WAF Threat Intelligence service receives live security threat feed for multiple attack vectors from Cloud Services (formerly Avi Pulse)
Describe the NSX Advanced Load Balancer DataScript capabilities for detecting and defending against advance and zero-day attacks.
Discuss the relevant NSX Advanced Load Balancer WAF logs and perform basic troubleshooting of applications that are protected by NSX Advanced Load Balancer WAF
Explain the NSX Advanced Load Balancer WAF capability to protect Personally Identifiable Information (PII)

COURSE INTRODUCTION
Introduction and course logistics
Course objectives

INTRODUCTION TO NSX ADVANCED LOAD BALANCER
Illustrate NSX Advanced Load Balancer
Explain NSX Advanced Load Balancer architecture and components
Describe control plane clustering and high availability
Describe data plane high availability mode
Understand the common terminologies used with NSX Advanced Load Balancer
Explain the NSX Advanced Load Balancer service elements
Explain virtual service components and how to configure a virtual service
Explain application profiles and network profiles
Explain the pool configuration options and how to configure a pool
Explain the available load-balancing algorithms
Explain and configure SSL profiles and certificates
Explain cloud connectors and cloud connector integration modes
Explain multiple health monitor types
Understand client logs

INTRODUCTION TO APPLICATION SECURITY
Understand web application security breaches and the implication of breaches
Explain common terminologies related to Web Application Security
Understand the different teams involved to secure applications

ATTACKING WEB APPLICATIONS
Understand the various web application security testing methodologies
Understand the OWASP Top 10 vulnerabilities
Understand the tools to generate a web application attack
Describe a few types of web application attacks

TYPES OF TRANSPORT
Understand different web traffic transport modes
Describe web traffic and API traffic

NSX ADVANCED LOAD BALANCER WAF COMPONENTS
Understand the core design principles of NSX Advanced Load Balancer WAF
Describe the NSX Advanced Load Balancer WAF components that build the WAF security pipeline
Understand the NSX Advanced Load Balancer WAF configuration objects

NSX ADVANCED LOAD BALANCER WAF OPERATIONS
Examine how to set up an application with WAF
Describe considerations for the WAF policy
Work with WAF logs and analytics
Describe WAF policy tuning
Describe the options available to remediate false positive mitigation

NSX ADVANCED LOAD BALANCER WAF BEST PRACTICES
Describe technical and application considerations for onboarding an application front ended by WAF
Describe best practices to remediate false positive mitigation.
Describe how to manage a response from a back-end application server and client upload to the application server
Describe the consideration for setting the rigidity of a WAF signature rule set
Describe the options available to identify client traffic

NSX ADVANCED LOAD BALANCER WAF SIZING
Understand how to do WAF data plane sizing in Greenfield and Brownfield deployments

NSX ADVANCED LOAD BALANCER WAF CUSTOM RULES
Understand WAF custom rules
Describe the need and recommendation for custom rules
Describe ModSecurity rules
Understand the ModSecurity rule structure and explain how to construct the rule
Analyze a sample custom rule for the use-case scenario for in-depth understanding of a custom rule

NSX ADVANCED LOAD BALANCER WAF APPLICATION LEARNING
Understand the significance of Application Learning
Explain the Positive Security Model architecture
Describe the WAF multifaceted Application Learning technique to build an application model for creating positive security rules
Describe how to view the data that is learned by the Application learning module
Describe the WAF Virtual Patching technique to construct a WAF policy from Dynamic Application Security Testing (DAST) scanner results
Understand the conditions for sharing WAF Learning Data and PSM Group in WAF Policy.

MALWARE PROTECTION THROUGH ICAP IN NSX ADVANCED LOAD BALANCER
Understand Malicious File Upload Protection and ICAP workflow
Describe ICAP configuration and log analytics

NSX ADVANCED LOAD BALANCER IP REPUTATION
Understand IP Reputation concepts and their integration with NSX Advanced Load Balancer
Describe IP Reputation configuration, log analytics, and troubleshooting

DATASCRIPT FOR APPLICATION SECURITY
Describe DataScript events and reference
Describe application security using DataScript
Explain how to troubleshoot DataScript issues

RATE LIMITING AND DOS
Describe and configure the NSX Advanced Load Balancer rate limiter technique
Describe protection from denial of service (DoS) attacks and distributed DoS (DDoS) attacks in NSX Advanced Load Balancer
Explain the Service Engine general advice and guidance for DDOS

BOT MANAGEMENT
Understand Bots
Describe the Bot Management mechanism in NSX Advanced Load Balancer
Describe how to configure NSX Advanced Load Balancer Bot Management

MANAGING PERSONALLY IDENTIFIABLE INFORMATION IN NSX ADVANCED LOAD BALANCER
Understand Personally Identifiable Information (PII)
Understand the scope of managing PII in NSX Advanced Load Balancer
Describe how to configure the hidden PII in NSX Advanced Load Balancer logs using profiles and WAF rules.

THREAT INTELLIGENCE
Introduce the Threat Intelligence service
Describe the Threat Intelligence live security threat feed for multiple attack vectors
Describe how to configure Threat Intelligence in NSX Advanced Load Balancer

APPLICATION PROGRAMMING INTERFACE SECURITY
Define Application Programming Interface (API) Security
Understand API authentication and authorization using virtual service authentication mechanisms used for a virtual service such as LDAP, SAML, JSON Web Token, and OAUTH
Understand API Rate Limiting in NSX Advanced Load Balancer
Understand the NSX Advanced Load Balancer WAF Protection for API

$2,775

Length: 3.0 days (24 hours)

Level:

Not Your Location? Change

Online Schedule

In Class Schedule

On Demand

VMware NSX Advanced Load Balancer: Web Application Firewall Security [V22.x]

Course from New Horizons

Learning Objectives

COURSE INTRODUCTION

INTRODUCTION TO NSX ADVANCED LOAD BALANCER

INTRODUCTION TO APPLICATION SECURITY

ATTACKING WEB APPLICATIONS

TYPES OF TRANSPORT

NSX ADVANCED LOAD BALANCER WAF COMPONENTS

NSX ADVANCED LOAD BALANCER WAF OPERATIONS

NSX ADVANCED LOAD BALANCER WAF BEST PRACTICES

NSX ADVANCED LOAD BALANCER WAF SIZING

NSX ADVANCED LOAD BALANCER WAF CUSTOM RULES

NSX ADVANCED LOAD BALANCER WAF APPLICATION LEARNING

MALWARE PROTECTION THROUGH ICAP IN NSX ADVANCED LOAD BALANCER

NSX ADVANCED LOAD BALANCER IP REPUTATION

DATASCRIPT FOR APPLICATION SECURITY

RATE LIMITING AND DOS

BOT MANAGEMENT

MANAGING PERSONALLY IDENTIFIABLE INFORMATION IN NSX ADVANCED LOAD BALANCER

THREAT INTELLIGENCE

APPLICATION PROGRAMMING INTERFACE SECURITY

Audience

Language

English

Prerequisites

Course Schedule:

To request a custom delivery, please chat with an expert.