Centrum Szkoleń

Imperva Web Application Security

Szkolenie Język Lokalizacja Data Dni Cena
Imperva Web Application Security Imperva pl Online 2020-09-08
Miejsc: 7!
4 1800.00
2300.00
Rejestruj
Szkolenie Imperva Web Application Security Imperva
Język pl
Lokalizacja Online
Data 2020-09-08
Miejsc: 7!
Dni 4
Cena 1800.00
2300.00
Rejestruj

W czasie sesji szkoleniowej w teorii, a także w praktyce omówione zostaną funkcje ochrony aplikacyjnych firewall-i web. Kolejnym wyzwaniem podczas kursu będzie przeprowadzenie ataków na serwer laboratoryjny oraz weryfikacja sposobu przeciwdziałania zagrożeniom przez systemy Imperva.

Grupa docelowa: Osoby odpowiedzialne za bezpieczeństwo sieci oraz aplikacji, administratorzy oraz inne osoby odpowiedzialne za proces wdrażania oraz utrzymania rozwiązań Imperva SecureSphere.

Wymagania wstępne: Ogólna wiedza dotycząca sieci oraz bezpieczeństwa teleinformatycznego, w tym technologii Ethernet, TCP/IP oraz pojęć związanych z protokołem HTTP.

Harmonogram

Dzień 1 10:00 - 17:00

Lesson 1: Lab Environment and SecureSphere Web UI

  • Review the SecureSphere Architecture
  • Become familiar with the presentation of the training materials.
  • Learn to use the Imperva training portal to find supplemental course materials.
  • Become familiar with the lab environment, topology, and user accounts.
  • Become familiar with the SecureSphere Web UI’s major components and navigating the Web UI.

Lesson 2: Initial Web UI Configuration

  • Set password strength requirements.
  • Enable users to enter comments when making changes to security policies.
  • Create SecureSphere user accounts and roles.
  • Configure Active Directory authentication.
  • Update ADC content.

Lesson 3: Sites Tree Configuration

  • Create a Site.
  • Create a Server Group.
  • Create a Service and default Application.
  • Discover and secure previously unknown servers on the network.
  • Add discovered servers to a Site.

Lesson 4: HTTP Service Configuration

  • Configure Forwarded Connections (Load Balanced Traffic)
  • Install Protected Web Servers’ SSL Keys
  • Configure Data Masking
  • Configure Web Error Pages

Dzień 2 9:00 - 17:00

Lesson 5: HTTP Application Configuration

  • Create and Configure Web Applications as needed.
  • Direct HTTP client traffic to the appropriate Web Application.
  • Adjust initial learning thresholds so that SecureSphere more accurately profile web traffic.

Lesson 6: Actions

  • Define, compare, and contrast Action Interfaces, Action Sets, and Followed Actions.
  • Explain placeholders, and where to find complete details regarding them.
  • Create Email, FTP, Syslog, etc., Action Interfaces as needed.
  • Create Email, FTP, Syslog, etc., Action Sets as needed.
  • Use Followed Actions to implement Action Sets on system administration jobs

Lesson 7: Security Policies

  • Given different types of Web attacks, configure appropriate polices to defend Web applications.
  • Implement Followed Actions in Security Policies.
  • Configure and apply:

o Signature policies to defend Web applications from attacks with easily recognizable signatures.
o Protocol policies to defend Web applications from protocol attacks.
o Correlation policies to protect against multi-front Web attacks.
o Custom Web policies to protect specific application weaknesses.

  • Explain the factors that determine when to use modify a built-in policy, and when to create a copy of a built-in policy and modify it instead.

Lesson 8: Web Application Profiling

  • Describe the components of the Web Application Profile.
  • Explain how the Web Application Profile learns and protects web applications.
  • Define and explain how application activity is mapped to the profile application mapping.
  • Identify common web application components used in the learning process.
  • Define and explain how web application user tracking operates.
  • Explain how to select Web Profile Policy rules for the protected web application.

Dzień 3 9:00 - 17:00

Lesson 9: ThreatRadar

  • Identify and configure appropriate ThreatRadar feeds to help secure web applications.
  • Identify when to use and how to configure TR Reputation Services.
  • Identify when to use and how to configure ThreatRadar Bot Protection.
  • Identify when to use and how to configure Intelligence (Community Defense).

Lesson 10: Alerts and Violations

  • Use the Monitoring Dashboard to view a summary of current Violations and Alerts.
  • Perform detailed analysis of Alerts and Violations to identify false positives, attacks, and tuning opportunities.
  • Use the “Add as Exception” and “add to profile” buttons to tune policies and profiles.
  • Manage the workflow of Security Monitoring by using SecureSphere’s Alert Flags.

Lesson 11: Reporting

  • Describe the features of SecureSphere’s Report Settings.
  • Describe how to work with report Keywords.
  • Create reports of various types, including System Events, Configuration, and Alerts reports.
  • Schedule Reports and the Reports Archive job.
  • Create security-focused reports, such as Daily or Weekly Top 10 Alert reports.

Lesson 12: Web Application Security Tuning

  • Use Reports to identify where to tune SecureSphere
  • Use the Profile Optimization Wizard to help tune Profiles.
  • Explain the impact and trade-offs of various Profile tuning options.
  • Examine multiple ways to tune Security Policies.

Dzień 4 9:00 - 17:00

Lesson 13: Active Blocking

  • Configure SecureSphere to enforce the tuned configuration.
  • Move SecureSphere from Simulation to Active Blocking mode.
  • Verify the non-default error page is working.
  • Identify and manage Followed Action Block events.
  • Configure additional Web Error Page Groups as needed.

Lesson 14: Reverse Proxy

  • Select the appropriate reverse proxy mode based on deployment requirements for URL rewriting, cookie signing, SSL termination, and/or response rewriting.
  • Configure Reverse Proxy mode settings.
  • Configure and apply SSL Cipher Suites to inbound and outbound proxy rules.
  • Create and configure default and custom web error pages for use in security policies.
  •  Configure URL rewrite and redirection rules.
  • Configure SecureSphere to work with SSL Client Certificates.

Lesson 15: End of Class Capstone Exercise

The Capstone Exercise challenges students to perform a series of tasks designed to help students reinforce learning by recalling and applying the concepts and skills presented during the class.

Tasks include:

  • Configure a Site Hierarchy to protect a Web Application.
  • Mask sensitive data, such as credit card numbers, so they are not exposed.
  • Configure SecureSphere’s Web Application profiles and map web traffic to appropriate Web Applications.
  • Configure SecureSphere to properly support and inspect traffic that is load balanced or proxied before reaching the protected web servers.
  • Automate and archive regular SecureSphere system backups.
  • Configure SecureSphere to protect web servers against data leakage.
  • Configure SecureSphere to share information with external monitoring servers, such as a syslog server.
  • Perform Security Tuning to optimize SecureSphere’s configuration.
  • Create a variety of reports.
  • Find and protect unexpected / rogue servers on the network.

Uprawnienia/Certyfikaty

  • Imperva Web Security Associate
  • Imperva Web Security Specialist