NSE 6 - FortiWeb - Zertifizierungs Schulung | Version 5.6.0

DL-FT-NSE6-FortiWeb

Course Description:

In this 3-day instructor-led course, you will learn to deploy, configure, and troubleshoot Fortinet's web application firewall: FortiWeb. Instructors will explain key concepts that affect security in web applications, and then also lead lab exercises where you can explore operating modes and demonstrate protection options that each mode supports. Through traffic and attack simulations with real web applications in the lab, you will learn how to distribute load from virtual servers to real servers while enforcing logical parameters, inspecting flow, and securing HTTP session cookies.

 Product Versions:

FortiWeb 5.6.0

 Who Should Attend:

Anyone who is responsible for day-to-day management of a FortiWeb appliance.

 Prerequisites:

Knowledge of OSI layers & HTTP protocol.

Basic experience with HTML, JavaScript, and a server-side dynamic page language such as PHP.

Basic experience with FortiGate port forwarding.

 Objectives:

After completing these courses, you will be able to:

  • Understand application-layer threats.
  • Fight defacement & DoS.
  • Prevent zero-day attacks without disrupting live traffic.
  • Give apps ex post facto compliance with OWASP Top 10 for 2013 & PCI DSS 3.0.
  • Discover vulnerabilities in your servers & hosted web apps.
  • Configure FortiGate together with FortiWeb for stronger HTTP and XML security.
  • Prevent accidental scan circumvention, yet allow HTTPS, FTP, and SSH.
  • Configure proxy pickup, blocking & logging for an external FortiADC & FortiAnalyzer.
  • Choose the right operating mode.
  • Balance load among a server farm.
  • Add SSL/TLS, authentication, & sophisticated access control to “naked” apps.
  • Train FortiWeb to defend your specific apps.
  • Blacklist suspected hackers, DDoS participants, and content scrapers.
  • Troubleshoot traffic flow, including for FTP/SSH.
  • Diagnose false positives & customize signatures.
  • Optimize performance.

Agenda:

  • Module 1   Course Description
  • Module 2   Introduction
  • Module 2   Basic Setup
  • Module 3   Integrating External SIEM
  • Module 5   Integrating Front-End SNAT and Load Balancers
  • Module 4   DoS and Defacement
  • Module 5   Signatures, Sanitization and Autolearning
  • Module 6   SSL/TLS
  • Module 7   Authentication and Access Control
  • Module 8   PCI DSS 3.0 Compliance
  • Module 9   Caching and Compression
  • Module 10 HTTP Routing, Rewriting and Redirects
  • Module 11  Troubleshooting
Wir verwenden Cookies, einschließlich Cookies von Drittanbietern, die uns bei der Bereitstellung unserer Dienste unterstützen und die Benutzerfreundlichkeit verbessern. Durch die Nutzung unserer Dienste stimmen Sie der Verwendung von Cookies zu. Weitere Informationen dazu, wie Sie Cookies vermeiden können, finden Sie in unsereren Datenschutzhinweisen.
Datenschutzhinweise Ok Ablehnen