CNS-318: Citrix NetScaler Advanced Topics - Secure Web Applications

Networking/Server/Operating Systems
Schedules
Optional
  LearnITAnytime Online Subscription (1 Year Subscription - $195.00)
  IT Online Library (1 Year Subscription - $1595.00)
  Private Mentoring 3 Hours ($225)
Quantity
If quantity is more than 1, Please add all Attendees' Names /Voucher #/ Learning Credit below separated with a comma. If not specified, we will contact you prior to the class start date. Special Instructions

This course is designed for students with previous NetScaler experience, this course is best suited for individuals who will be deploying and/or managing Citrix NetScaler Application Firewall (AppFirewall) in Citrix NetScaler environments.

Learn the skills required to deploy and manage AppFirewall including types of web attacks, protections and signatures, the adaptive learning engine, AppFirewall policies and profiles, troubleshooting, and additional pertinent NetScaler security features. At the end of the course, students will be able to configure NetScaler environments to address application services security requirements with AppFirewall.

Recommended pre-requisite courses:

  • CNS-102 NetScaler Overview
  • AND
  • CNS-220 Citrix NetScaler Essentials and Traffic Management
  • OR
  • CNS-222 Citrix NetScaler Essentials and Unified Gateway

Topic Outline

Application Firewall Overview

  • AppFirewall solution Security Model (include signature)
  • Overview of types of attacks
  • PCIDSS
  • Adaptive Learning Engine
  • Packet Processing and Inspection
  • Log Files - view violations

Policies and Profiles

  • Profiles
  • Policies
  • Engine Settings

Regular Expressions

  • Forms of Regular Expressions
  • Using Regular Expressions
  • Metacharacters and Literal Characters
  • Escapes
  • Quantifiers
  • Back Referencing
  • Lookaheads
  • Regular Expression Scope

Attacks and Protections

  • Data Flow with AppFirewall
  • Security Checks
  • AppFirewall Actions
  • Adaptive Learning
  • Signatures
  • Code Quality (HTML Comment Striping)
  • Buffer Overflow
  • SQL injection
  • Cross-Site Scripting
  • Cookie Tampering
  • Cookie Protection
  • Parameter Tampering
  • Server Misconfiguration
  • Form Protections
  • Identity Theft - CC - Safe Object
  • URL Protections - Start URL and Deny URL
  • CSRF

Application Firewall Troubleshooting and Monitoring

  • Security Insight
  • HTTP Callout
  • Rate-Limit
  • AppQOE
  • IP Reputation