This course covers the AppWall product. It also includes an introduction to Web Application Security.
Learn how Appwall helps you to enable PCI compliance by mitigating Web application security threats and vulnerabilities to prevent data theft and manipulation of sensitive corporate and customer information. See how AppWall incorporates advanced, patent-protected Web application security filtering technologies to seamlessly detect threats, block attacks and report events. Gain knowledge to plan an AppWall installation and configure the device.
Please bring your laptop to complete the hands-on lab exercises. Students will use well-known applications such as PDF Reader, VNC, Telnet, SSH and possibly other Radware-proprietary apps. Therefore, it is also important to have administrative rights on your laptop.
- Familiarity with common network terminology, TCP/IP addressing & routing, and Internetworking concepts is required.
- Delegates should also be proficient in basic PC operation and application, including skilled at operating a keyboard, mouse and Windows OS as well as basic Web browser operation (Internet Explorer used in class).
- Day 1
- Web Application Security Introduction
- The Threat Catalog
- Introduction to HTTP (Methods, Header, Cookies)
- What is Radware AppWall?
- Radware AppWall Components
- Radware AppWall Data Flow
- Why Radware AppWall?
- AppWall Default Ports
- AppWall Security Console Workspace
- AppWall Security Console Views
- Initial Install
- AppWall Servers
- Escalation Server List
- Protected Entities
- Events Handling
- AppWall Publisher
- Security Filter
- Default Security Filters list
- Security Filters Run Modes
- Security Filters Configuration
- Security Filters Walkthrough
- Web Applications
- Web Applications Hierarchy
- Default Web Application
- Adding and Editing Web Application
- Application Path Automation
- Security Page
- Enabling / Disabling Web Application
- Enabling / Disabling a Tunnel in the Default Web Application
- Regular Expressions
- Advanced Tunnel Settings
- Certificates: Validation – Authorization and CRLs
- TCP Tunnel
- Console – Server Connections
- Policy Distribution
- Backup and Restore
- IP Blocking
- Dashboard View