FortiWeb - NSE 6 - Web Application Firewall (WEB)

 

Course Overview

In this three-day class, you will learn how to deploy, configure, and troubleshoot Fortinet's web application firewall: FortiWeb.

Instructors will explain key concepts of web application security, and lead lab exercises in which you will explore protection and performance features.

In the lab, you will experience traffic and attack simulations that use real web applications. You will work with those simulations to learn how to distribute load from virtual servers to real servers, while enforcing logical parameters, inspecting flow, and securing HTTP session cookies.

This course will prepare you for the FortiWeb 6.1 Specialist Exam. The FortiWeb Specialist exam counts toward one of the four NSE 6 specializations required to get the NSE 6 certification.

System Requirements

If you take the online format of this class, you must use a computer that has the following:

  • A high-speed Internet connection
  • An up-to-date web browser
  • A PDF viewer
  • Speakers or headphones

One of the following:

  • HTML5 support
  • An up-to-date Java Runtime Environment (JRE) with Java plugin enabled in your web browser

You should use a wired Ethernet connection, not a Wi-Fi connection. Firewalls, including Windows Firewall or FortiClient, must allow connections to the online labs.

Who should attend

Networking and security professionals involved in the administration and support of FortiWeb.

Prerequisites

  • Knowledge of OSI layers and the HTTP protocol
  • Basic knowledge of HTML, JavaScript, and server-side dynamic page languages, such as PHP
  • Basic experience using FortiGate port forwarding

Course Objectives

After completing this course, you should be able to:

  • Define Web Application Firewall and describe its role in the network
  • Perform basic configuration and initial deployment
  • Configure FortiWeb for deployment in a load balanced network environment
  • Implement FortiWeb's Machine Learning capabilities
  • Configure and customize FortiWeb signatures
  • Configure FortiWeb to protect against DoS and Defacement attacks
  • Implement SSL/TLS Encryption, including Inspection and Offloading
  • Configure user authentication and access control features
  • Configure FortiWeb to ensure PCI DSS Compliance of your web applications
  • Configure FortiWeb to perform Caching and Compression tasks
  • Configure FortiWeb to perform HTTP content based routing, rewriting, and redirection.
  • Perform basic troubleshooting of FortiWeb

Course Content

  • Introduction
  • Basic Setup
  • Integrating Front-End SNAT and Load Balancers
  • Machine Learning and Bot Detection
  • Signatures and Sanitization
  • DoS and Defacement
  • SSL/TLS
  • Authentication and Access Control
  • PCI DSS Compliance
  • Caching and Compression
  • HTTP Routing, Rewriting, and Redirects
  • Troubleshooting

Prices & Delivery methods

Online Training
Modality: L

Duration 3 days

Price
  • on request
Dates and Booking
Request a date
Classroom Training
Modality: C

Duration 3 days

Price
  • on request
Dates and Booking
Request a date
 

Schedule

French

Time zone: Central European Summer Time (CEST)

Online Training 3 days Time zone: Central European Time (CET) Course language: French
Instructor-led Online Training:   This computer icon in the schedule indicates that this date/time will be conducted as Instructor-Led Online Training.