Introduction to L7 Behavioral DoS¶
F5’s Application Security Manager, Advanced Web Application Firewall, and DDoS Hybrid Defender products all include advanced functionality for defending L7DoS attacks. In this self-paced lab, attendees will have an opportunity to explore L7 Behavioral DoS (BaDOS), leverage BaDOS to mitigate various L7DoS attacks, and examine the built-in reporting and monitoring functions provided by Advanced Web Application Firewall. At the conclusion of the lab, the attendee will have comfort in the basics of BaDOS, how the feature is deployed, and the types of attacks it can be used to mitigate.
Expected time to complete: 45-60 minutes
Contents:
- 1. Getting Started
- 2. Base Configuration and Traffic Baseline
- 2.1. Set up the DoS profile
- 2.2. Create a DoS Logging Profile
- 2.3. Add the DoS profile to a virtual server
- 2.4. Create XFF-Mixed_Attacker iRule
- 2.5. Create HTTP Profile to Accept X-Forwarded-For HTTP Header
- 2.6. Attach iRule and HTTP Profile to Local Traffic Manager Virtual Server
- 2.7. Generate Traffic to Establish Baseline
- 3. Application Security DoS Profiles
- 4. Stress-Based and Behavioral DoS Profile Settings
- 5. Request Signatures
- 6. Bad Actor Detection
- 7. Bad Actor Detection and Request Signatures