Citrix ADC 12.x Advanced Concepts - Secure Web Applications (CNS-318)

 

Course Content

Learn the skills required to deploy and manage AppFirewall including types of web attacks, protections and signatures, the adaptive learning engine, AppFirewall policies and profiles, troubleshooting, and additional pertinent NetScaler security features. At the end of the course, you will be able to configure NetScaler environments to address application services security requirements with AppFirewall.

Who should attend

This course is designed for Students interested in learning the skills required to deploy and manage Citrix NetScaler Application Firewall. Specifically: Administrators, Implementers / Engineers and Architects

Prerequisites

  • !

Citrix recommends an understanding of the following concepts and technologies:

  • The functionalities and capabilities of Citrix NetScaler
  • Basic NetScaler network architecture
  • Obtaining, installing, and managing NetScaler licenses
  • Use of NetScaler traffic management features
  • Basic Networking
  • Windows and Linux Server administration
  • Web Services
  • SSL encryption and certificates
  • Common web services attacks and use of 3rd party tools

Course Objectives

  • Identify common web attacks and vulnerabilities
  • Write PERL compatible regular expressions
  • Understand how to utilize the adaptive learning engine
  • Configure AppFirewall to protect web applications
  • Utilize NetScaler Secure Insight to Monitor, Manage and report on Application Services security
  • Troubleshoot AppFirewall

Outline: Citrix ADC 12.x Advanced Concepts - Secure Web Applications (CNS-318)

Application Firewall Overview

  • AppFirewall solution Security Model (include signature)
  • Overview of types of attacks
  • PCIDSS
  • Adaptive Learning Engine
  • Packet Processing and Inspection
  • Log Files - view violations

Policies and Profiles

  • Profiles
  • Policies
  • Engine Settings

Regular Expressions

  • Forms of Regular Expressions
  • Using Regular Expressions
  • Metacharacters and Literal Characters
  • Escapes
  • Quantifiers
  • Back Referencing
  • Lookaheads
  • Regular Expression Scope

Attacks and Protections

  • Data Flow with AppFirewall
  • Security Checks
  • AppFirewall Actions
  • Adaptive Learning
  • Signatures
  • Code Quality (HTML Comment Striping)
  • Buffer Overflow
  • SQL injection
  • Cross-Site Scripting
  • Cookie Tampering
  • Cookie Protection
  • Parameter Tampering
  • Server Misconfiguration
  • Form Protections
  • Identity Theft - CC - Safe Object
  • URL Protections - Start URL and Deny URL
  • CSRF

Application Firewall Troubleshooting and Monitoring

  • Security Insight
  • HTTP Callout
  • Rate-Limit
  • AppQOE
  • IP Reputation

Prices & Delivery methods

Online Training

Duration
3 days

Price
  • US $ 3,000
Classroom Training

Duration
3 days

Price
  • United States: US $ 3,000

Click on town name or "Online Training" to book Schedule

Instructor-led Online Training:   This is an Instructor-Led Online (ILO) course. These sessions are conducted via WebEx in a VoIP environment and require an Internet Connection and headset with microphone connected to your computer or laptop.
*   This class is delivered by a vendor or third party partner.

United States

Online Training 10:00 Eastern Standard Time (EST) * Enroll
Online Training 10:00 Eastern Standard Time (EST) * Enroll
Online Training 10:00 Eastern Standard Time (EST) * Enroll
Online Training 10:00 Eastern Standard Time (EST) * Enroll