Course Description
This course provides the foundation to manage, configure and monitor advanced features and components of Citrix NetScaler 10.5. Interactive discussion and hands-on labs guide learners through advanced administration tasks such as troubleshooting, configuring application security with Citrix Application Firewall, tuning the NetScaler for high-traffic loads, configuring AAA for system management, and configuring advanced policies using service callouts. Advanced monitoring and management tasks such as configuring and implementing NetScaler Insight Center, Command Center, and NetScaler Web Logging are also covered. Prior NetScaler knowledge is strongly recommended. In order to successfully complete this course, learners will have access to hands-on exercises within a virtual lab environment. This course is based on the Citrix NetScaler 10.5 product, but the skills and fundamental concepts learned are common to earlier product versions
Upon successful completion of this course, learners are able to complete the following:
- Identify common web attacks and vulnerabilities
- Write PERL compatible regular expressions
- Configure Citrix Application Firewall to protect web applications
- Troubleshoot Citrix Application Firewall
- Install and configure NetScaler Insight Center to monitor performance
- Install, configure, and use Citrix Command Center to manage NetScaler devices
- Configure and use additional advanced features of NetScaler including NetScaler Web Logging, HTTP callout, and AAA authentication for web applications
Before taking this course, Citrix recommends that learners have the following knowledge and experience:
- Experience configuring NetScaler systems, including an understanding of services, virtual servers, and policies
- Experience with network devices, such as routers and switches, various networking protocols, and aspects of application and site architectures (such as DMZs and VLANs)
- Knowledge of network security threats and site protection concepts such as firewalls, worms, and DDoS attacks
- Understanding of concepts related to monitoring and management including basics of SNMP
- Completion of CNS-205 Citrix NetScaler 10 Essentials and Networking or related experience
Agenda
Course Outline
Advanced Troubleshooting
Troubleshooting Resources
NetScaler System Overview
nCore Configuration Architecture
Built-In Tools
Real-Time Performance Statistics
Historical Statistics
Third-Party Tools
?Introducing Application Firewall
Application Attacks
The Benefits of Application Firewall
Payment Card Industry Data Security Standard
Packet Processing Inspection
Profiles and Policies
Profiles and Policies
Profiles
Policies
Engine Settings
Regular Expressions
Regular Expressions
Forms of Regular Expressions
Using Regular Expressions
Metacharacters and Literal Characters
Metacharacters
Escapes
Quantifiers
Backreferencing
Lookaheads
Regular Expression Scope
Attacks and Protections
Security Checks
HTTPS Web Applications
Buffer Overflow Exploits
Buffer Overflow Protection
Parameter Manipulation o Server Misconfiguration o Deny URL Protection
SQL Injection
HTML SQL Injection Protection
Command Injection
Field Format Protection
Cookie Tampering and Poisoning
Cookie Consistency Protection
Form/Hidden Field Manipulation
Form Field Consistency Protection
Forceful Browsing
Start URLs
Backdoors and Misconfigurations
URL Closure
Identity Theft Attacks
Credit Card Protection
Protecting Credit Cards
Errors Triggering Sensitive Information Leaks
Safe Object Protection
Application Firewall Troubleshooting
Application Firewall and Applications
Configuration Issues
Queuing and Connection Tuning
HTTP Connections
HTTP Connection Management and NetScaler HTTP Behavior
TCP Buffering
Surge Queue
Surge Protection
Priority Queuing
HTTP Denial-of-Service Protection
Authentication, Authorization, and Auditing
Users, Groups and Command Policies
External Authentication for System Users
AAA for Traffic Management
Configuration
Audit Logging
AppExpert Rate Limiting, HTTP Service Callout, and Policy-based Logging
HTTP Callouts
Configuring HTTP Callouts
HTTP Callout Use Cases
Configuring Rate Control
Rate Control Policy Scenarios
Policy-based Logging
Command Center
Command Center Introduction
Command Center Clients
Server Requirements
Port Setting Requirements
Command Center Installation
Command Center Functionality
Command Center Administration
Insight Center
Insight Center Overview
AppFlow on the NetScaler System
How Insight Center Collects AppFlow Data
HDX Insight
HTML Injection
NetScaler Web Logging
NetScaler Web Logging Introduction
NetScaler System Configuration
NSWL Client Installation
NSWL Client Configuration
Troubleshooting Web Logging