Citrix ADC 12.x Advanced Concepts - Secure Web Applications (CNS-318)

This advanced course is designed for IT professionals with previous NetScaler experience it will teach you how to address application services security requirements with AppFirewall. After studying AppFirewall, you’ll learn about many different types of web attacks and vulnerabilities, such as SQL injection and cookie tampering and how to protect against them. The course also covers policies, profiles and expressions; monitoring, management and reporting; and troubleshooting techniques. Highlighted features include the Adaptive Learning Engine and NetScaler Secure Insight.
 
This course is offered in instructor-led training (ILT)/virtual instructor-led training (vILT) formats with application of concepts through hands-on exercises in a live lab environment.
 
This course can be taken as a standalone course or combined with CNS-319 under course CNS-320
 
Objectives
After completing this course you should be able to:
  • Identify common web attacks and vulnerabilities
  • Write PERL compatible regular expressions
  • Understand how to utilize the adaptive learning engine
  • Configure AppFirewall to protect web applications
  • Utilize NetScaler Secure Insight to Monitor, Manage and report on Application Services security
  • Troubleshoot AppFirewall
 
Target Audience
Individuals with previous NetScaler experience interested in deploying or managing Citrix NetScaler Application Firewall (AppFirewall) in Citrix NetScaler environments.
 
Prerequisites
Citrix recommends students prepare for this course by taking the following courses:
  • CNS-102: NetScaler Overview
+
  • CNS-220: Citrix NetScaler Essentials and Traffic Management
OR
  • CNS-222: Citrix NetScaler Essentials and Unified Gateway
 
Testing and Certification
Recommended as preparation for the following exams:
  • 1Y0-340 - Citrix NetScaler Advanced Topics - Security, Management, and Optimization
Delegates looking to obtain this exam should have also attended the CNS-319 course.
 
Afficher les détails
Content
AppFirewall Overview
  • AppFirewall solution Security Model
  • Common Attacks Overview
  • PCI-DSS Compliance
AppFirewall Policies and Profiles
  • Profiles
  • Policies
  • Engine Settings
  • AppFirewall Learning
Regular Expressions
  • Forms of Regular Expressions
  • Using Regular Expressions
  • Meta/Literal Characters
  • PCRE
  • RegEx Tools
  • Regular Expression Scope
Attacks and Protections
  • Data Flow with AppFirewall
  • Security Checks
  • AppFirewall Actions
  • Adaptive Learning
  • Signatures
  • Cookie Protection
  • Advanced Form Protection Checks
  • URL Protections
AppFirewall Monitoring and Troubleshooting
  • AppFirewall and Web Applications
  • Logging and Reporting
  • Customizing Errors
  • Troubleshooting
  • NetScaler Security Insight
Security and Filtering
  • IP Reputation
  • Rate Limiting
  • AppQoE
  • HTTP Callout