F5 Advanced WAF (PAYG, 1GBPS) Getting Started Guide

Post on 18-Dec-2021

In cooperation with

The F5 Advanced WAF provides comprehensive protection for websites, mobile apps, and APIs against a range of threats, including the OWASP Top 10 and code-level vulnerabilities, with integrated threat intelligence. It also protects applications against automated malicious bot attacks and provides encryption for form field data to protect against credential and other sensitive data theft. Behavioral analytics and machine learning provide highly accurate Layer 7 DoS detection and mitigation.

Subscribing to F5 Advanced WAF

Step 1: Locate F5 Advanced WAF in AWS Marketplace. Select the Continue to Subscribe button.

Step 2: Accept the terms on the next page and click the Continue to Configuration button.

Part 1 complete

Part 2: Demonstration Guide for F5 Advanced WAF

Step 1: You can then locate the F5 Advanced WAF in your AWS dashboard.

Step 2: From the drop-down menu, select Launch new instance.

Step 3: Select the Continue to launch through EC2 button.

Step 4: Select your instance type and select the Configure Instance Details button at the bottom of the page.

Step 5: Select the appropriate VPC.

Step 6: Review the EC2 information and select the Launch button.

Step 7: Select the Key Pair and choose the Launch Instances button to launch your EC2 instance.

Step 8: Copy the BIG-IP instance hostname and access the instance through the browser.

Step 9: Paste the BIG-IP instance hostname in the browser.

Step 10: Log in to the page.

Step 11: You will see the main dashboard.

Step 12: Select Resource Provisioning on the left side and set the ASM (Application Security Module) and FPS (Fraud Protection Services) modules to nominal. Note: WAF, BOT, and DOS functionality require the ASM module and DataSafe requires the FPS module.

Step 13: Configure the virtual server (VS).

Step 14: You can use guided configuration to set up WAF, BOT, and DOS protection.

Step 15: Enable the extra feature called Evasion technique detected.

Step 16: Now, if you attempt a Directory Traversal attack, you will receive an error message back.

Step 17: If you navigate to the Event Logs, you will see the evasion technique was detected.

Step 18: On the left side, select Security, then Data Protection to access the DataSafe configuration menu. Note: DataSafe is used to encrypt form field data.

Step 19: Select the URL List tab to add in the URL.

Step 20: Add in the URL as: /user/login

Step 21: Select the Parameters tab and then set the username and password parameters.

Step 22: If you enter the username, it is now encrypted.

Step 23: You can set a Bot defense policy.

Step 24: If you generate a bot-like request, you will notice the request is blocked.

Step 25: Navigate to the Event Logs to see more information on the bot attack.

Step 26: Navigate to the OWASP Top 10 dashboard, which allows you to easily see where additional controls are needed.

Part 2 complete
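
An added illustration, not part of the original guide and not F5's implementation, of the kind of check behind Steps 15 to 17: the request path is decoded and normalized before it is searched for traversal, so encoded or backslash variants are still caught. The sample paths, finding names and decode limit are assumptions of this example.

```python
from urllib.parse import unquote

# Constructed sample request paths (not taken from the guide).
SAMPLES = [
    "/user/login",
    "/static/../../etc/passwd",
    "/static/%2e%2e/%2e%2e/etc/passwd",
    "/static/%252e%252e%252fetc/passwd",
    "/static/..\\..\\windows\\win.ini",
]

MAX_DECODE_PASSES = 3  # assumption: upper bound on repeated decoding


def inspect_path(raw: str) -> list[str]:
    """Return evasion findings for one raw request path (names are illustrative)."""
    findings = []
    decoded, passes = raw, 0
    # Percent-decode until the value stops changing. More than one
    # effective pass means the encoding was nested to hide characters.
    while passes < MAX_DECODE_PASSES:
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded, passes = nxt, passes + 1
    if passes > 1:
        findings.append("multiple decoding")
    # Treat backslashes as path separators, as some servers do.
    if "\\" in decoded:
        findings.append("backslash separator")
        decoded = decoded.replace("\\", "/")
    # Look for ".." segments only after normalization.
    if ".." in decoded.split("/"):
        hidden = ".." not in raw.split("/")
        findings.append(
            "directory traversal (obfuscated)" if hidden else "directory traversal"
        )
    return findings


if __name__ == "__main__":
    for path in SAMPLES:
        print(f"{path!r:45} -> {inspect_path(path) or 'clean'}")
```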

Thank you. For more information, visit https://amzn.to/2q4k6zS
