Application Security - WAF Gateway Course

Course Overview

In this 4 day hands-on course, students will learn:

  • Configure SecureSphere for an on premises Web Application Firewall including ThreatRadar subscription services
  • Evaluate the configuration of the Web Application Firewall to verify assets are protected
  • Implement security controls using Policies and Followed Actions
  • Configure Web Profiling and Active Blocking
  • Analyze Violations and Alerts
  • Perform best practice tuning tasks
  • Integrate external web scanner data with SecureSphere and manage identified vulnerabilities. Configure SecureSphere Web Gateway to work in a Reverse Proxy deployment mode
  • Full-day Capstone lab for concept reinforcement and certification prep

Prerequisites

Before taking this course, you should have the following skills:

  • General understanding of application layer security concepts, application layer Web, and/or database protocols.
  • Basic understanding of HTML and HTTP to URLs, Parameters, headers, methods, HTTP server response codes, etc.
  • Experience implementing or managing data center security or database applications.

Audience Profile

This course is intended for security administrators, security analysts, security engineers, and Web application developers who are responsible for securing and monitoring Web applications with SecureSphere.

Learning Objectives

  • Explore how Cloudflare supports application deployment
  • Understand domain registration and SSL certificates
  • Employ different kinds of SSL Certificates to secure web applications
  • Configure caching to speed the delivery of resources

Content Outline

  • Review the SecureSphere Architecture 
  • Become familiar with the presentation of the training materials. 
  • Learn to use the Imperva training portal to find supplemental course materials.
  •  Become familiar with the lab environment, topology, and user accounts.
  •  Become familiar with the SecureSphere Web UI’s major components and navigating the Web UI.
  • Set password strength requirements.
  • Enable users to enter comments when making changes to security policies.
  • Create SecureSphere user accounts and roles.
  • Configure Active Directory authentication.
  • Update ADC content.
  •  Create a Site. 
  • Create a Server Group.
  •  Create a Service and default Application. 
  • Discover and secure previously unknown servers on the network.
  •  Add discovered servers to a Site.
  •  Configure Forwarded Connections (Load Balanced Traffic)
  •  Install Protected Web Servers’ SSL Keys
  •  Configure Data Masking
  • Configure Web Error Pages
  •  Create and Configure Web Applications as needed.
  •  Direct HTTP client traffic to the appropriate Web Application.
  •  Adjust initial learning thresholds so that SecureSphere more accurately profiles web traffic.
  • Define, compare, and contrast Action Interfaces, Action Sets, and Followed Actions.
  •  Explain placeholders, and where to find complete details regarding them.
  •  Create Email, FTP, Syslog, etc., Action Interfaces as needed.
  •  Create Email, FTP, Syslog, etc., Action Sets as needed.
  •  Use Followed Actions to implement Action Sets on system administration jobs.
  •  Given different types of Web attacks, configure appropriate policies to defend Web applications.
  •  Implement Followed Actions in Security Policies.
  •  Configure and apply:
     
  •  Signature policies to defend Web applications from attacks with easily recognizable signatures.
  •  Protocol policies to defend Web applications from protocol attacks.
  •  Correlation policies to protect against multi-front Web attacks.
  •  Custom Web policies to protect specific application weaknesses.
  •  Explain the factors that determine when to use modify a built-in policy, and when to create a copy of a built-in policy and modify it instead.
  •  Describe the components of the Web Application Profile.
  •  Explain how the Web Application Profile learns and protects web applications.
  •  Define and explain how application activity is mapped to the profile application mapping.
  •  Identify common web application components used in the learning process.
  •  Define and explain how web application user tracking operates.
  • Explain how to select Web Profile Policy rules for the protected web application.
  • Identify and configure appropriate ThreatRadar feeds to help secure web applications.
  •  Identify when to use and how to configure TR Reputation Services.
  •  Identify when to use and how to configure ThreatRadar Bot Protection.
  •  Identify when to use and how to configure Intelligence (Community Defense)
  • Use the Monitoring Dashboard to view a summary of current Violations and Alerts.
  •  Perform detailed analysis of Alerts and Violations to identify false positives, attacks, and tuning opportunities.
  •  Use the “Add as Exception” and “add to profile” buttons to tune policies and profiles.
  •  Manage the workflow of Security Monitoring by using SecureSphere’s Alert Flags.
  •  Describe the features of SecureSphere’s Report Settings.
  •  Describe how to work with report Keywords.
  •  Create reports of various types, including System Events, Configuration, and Alerts reports.
  •  Schedule Reports and the Reports Archive job.
  •  Create security-focused reports, such as Daily or Weekly Top 10Alert reports.
  •  Use Reports to identify where to tune SecureSphere. 
  • Use the Profile Optimization Wizard to help tune Profiles.
  •  Explain the impact and trade-offs of various Profile tuning options.
  •  Examine multiple ways to tune Security Policies.
  •  Configure SecureSphere to enforce the tuned configuration.
  •  Move SecureSphere from Simulation to Active Blocking mode.
  •  Verify the non-default error page is working.
  •  Identify and manage Followed Action Block events.
  •  Configure additional Web Error Page Groups as needed.
  •  Select the appropriate reverse proxy mode based on deployment requirements for URL rewriting, cookie signing, SSL termination, and/or response rewriting.
  •  Configure Reverse Proxy mode settings.
  •  Configure and apply SSL Cipher Suites to inbound and outbound proxy rules.
  •  Create and configure default and custom web error pages for use in security policies.
  •  Configure URL rewrite and redirection rules.
  • Configure SecureSphere to work with SSL Client Certificates.

The Capstone Exercise challenges students to perform a series of tasks designed to help students reinforce learning by recalling and applying the concepts and skills presented during the class. Tasks include:

  • Configure a Site Hierarchy to protect a Web Application.
  •  Mask sensitive data, such as credit card numbers, so they are not exposed.
  •  Configure SecureSphere’s Web Application profiles and map web traffic to appropriate Web Applications.
  •  Configure SecureSphere to properly support and inspect traffic that is load balanced or peroxided before reaching the protected web servers.
  •  Automate and archive regular SecureSphere system backups.
  •  Configure SecureSphere to protect web servers against data leakage. 
  • Configure SecureSphere to share information with external monitoring servers, such as a syslog server.
  •  Perform Security Tuning to optimize SecureSphere’s configuration.
  •  Create a variety of reports.
  •  Find and protect unexpected / rogue servers on the network

FAQs

A: Imperva's Web Protection is based on a network of secure reverse proxies deployed on our globally distributed CDN. Web traffic that is routed through the Imperva network is terminated by those proxies, allowing Imperva to inspect each and every request to the website and identify and block any malicious activity.

A: Imperva protects cloud applications, websites and applications, files, SharePoint systems, databases and big data repositories from both theft and ever-evolving extortion attacks like DDoS and ransomware.

A: Imperva Cloud WAF offers the industry's leading web application security firewall, providing enterprise-class protection against the most sophisticated security threats. As a cloud-based WAF, it ensures that your website is always protected against any type of application layer hacking attempt.

A: Imperva Data Security provides continuous monitoring with separation of duties. It captures and analyzes all database activity from both application and privileged user accounts, providing detailed audit trails that show who accesses what data, when, and what was done to the data.

A: To attend the training session, you should have operational Desktops or Laptops with the required specifications, along with a good internet connection to access the labs.

A: We would always recommend you attend the live session to practice & clarify the doubts instantly and get more value from your investment. However, if, due to some contingency if you have to skip the class, Radiant Tech learning will help you with the recorded session of that particular day. However, those recorded sessions are not meant only for personal consumption and NOT for distribution or any commercial use.

A: Radiant Tech learning has a data center containing the Virtual Training environment for the purpose of participant hand-on-practice. Participants can easily access these labs over Cloud with the help of a remote desktop connection. Radiant virtual labs provide you the flexibility to learn from anywhere in the world and in any time zone.

A: The learners will be enthralled as we engage them in real-world and Oriented industry projects during the training program. These projects will improve your skills and knowledge, and you will gain a better experience. These real-time projects will help you a lot in your future tasks and assignments.

A: You can request a return if you do not desire to enroll in the course.

A: Yes you can.

A: We use the ideal standards in Internet security. Any data retained is not communicated with third parties.

A:It is recommended but not mandatory. Being acquainted with the primary course material will enable students and the trainer to move at the desired pace during classes. You can access courseware for most vendors.

A: You can buy online from the page by clicking on "Buy Now". You can view alternate payment methods on the payment options page.

A:Yes, students can pay from the course page.

A: The course completion certification will be awarded to all the professionals who have completed the training program & the project assignment given by your instructor. You can use the certificate in your future job interviews which will surely help you to acquire your dream job.

A: Radiant believes in a practical & creative approach to training & development, which distinguishes it from other training & development platforms. Moreover, training courses are undertaken by some experts with range of experience in their domain.

A: Radiant team of experts will be available at e-mail support@radianttechlearning.com to answer your technical queries even after the training program.

A: Yes, Radiant will provide you with the most updated high, value & relevant real-time projects & case studies in each training program.

A: Technical issues are unpredictable & might occur with us as well. Participants have to ensure they have access to the required configuration with good internet speed.

A: Radiant Techlearning offers training programs on weekdays, weekends & combination of weekdays & weekends. We provide you with complete liberty to choose the schedule that suits your needs.

A: Radiant has highly intensive selection criteria for Technology Trainers & Consultants, who deliver you training programs. Our trainers & consultants undergo rigorous technical and behavioral interview and assessment processes before they are on board in the company.

Our Technology experts/trainers & consultants carry deep-dive knowledge in the technical subject & are certified from the OEM.

Our training programs are practically oriented with 70% – 80% hands on the training technology tool.  Our training program focuses on one-on-one interaction with each participant, latest content in curriculum, real-time projects and case studies during the training program.

Our faculty will provide you with the knowledge of each course from the fundamental level in an easy way and you are free to ask your doubts any time from your respective faculty.

Our trainers have patience and ability to explain difficult concepts in a simplistic way with depth and width of knowledge.

To ensure quality learning, we provide a support session even after the training program.

Send a Message.


  • Enroll