This advanced course is designed for IT professionals with previous NetScaler experience it will teach you how to address application services security requirements with AppFirewall. After studying AppFirewall, you’ll learn about many different types of web attacks and vulnerabilities, such as SQL injection and cookie tampering and how to protect against them. The course also covers policies, profiles and expressions; monitoring, management and reporting; and troubleshooting techniques. Highlighted features include the Adaptive Learning Engine and NetScaler Secure Insight.

This course is offered in instructor-led training (ILT)/virtual instructor-led training (vILT) formats with application of concepts through hands-on exercises in a live lab environment.

This course can be taken as a standalone course or combined with CNS-319 under course CNS-320

Objectives

After completing this course you should be able to:

• Identify common web attacks and vulnerabilities
• Write PERL compatible regular expressions
• Understand how to utilize the adaptive learning engine
• Configure AppFirewall to protect web applications
• Utilize NetScaler Secure Insight to Monitor, Manage and report on Application Services security
• Troubleshoot AppFirewall

Target Audience

Individuals with previous NetScaler experience interested in deploying or managing Citrix NetScaler Application Firewall (AppFirewall) in Citrix NetScaler environments.

Prerequisites

Citrix recommends students prepare for this course by taking the following courses:

• CNS-102: NetScaler Overview
• +CNS-220: Citrix NetScaler Essentials and Traffic Management
• ORCNS-222: Citrix NetScaler Essentials and Unified Gateway

Testing and Certification

Recommended as preparation for the following exams:

• 1Y0-340 - Citrix NetScaler Advanced Topics - Security, Management, and Optimization

Delegates looking to obtain this exam should have also attended the CNS-319 course.

Content

AppFirewall Overview

• AppFirewall solution Security Model
• Common Attacks Overview
• PCI-DSS Compliance

AppFirewall Policies and Profiles

• Profiles
• Policies
• Engine Settings
• AppFirewall Learning

Regular Expressions

• Forms of Regular Expressions
• Using Regular Expressions
• Meta/Literal Characters
• PCRE
• RegEx Tools
• Regular Expression Scope

Attacks and Protections

• Data Flow with AppFirewall
• Security Checks
• AppFirewall Actions
• Adaptive Learning
• Signatures
• Cookie Protection
• Advanced Form Protection Checks
• URL Protections

AppFirewall Monitoring and Troubleshooting

• AppFirewall and Web Applications
• Logging and Reporting
• Customizing Errors
• Troubleshooting
• NetScaler Security Insight

Security and Filtering

• IP Reputation
• Rate Limiting
• AppQoE
• HTTP Callout