Merge branch 'f5devcentral:dev' into vgranic-mcn-lab-updates

docs/class2/close.rst

@@ -2,7 +2,7 @@ Conclusion
 ==========
 
 Thank you for your participation in the F5 Distributed Cloud Lab.
-This Lab Guide has highlighted how attendees can leverage F5 Distributed 
+This Lab Guide has highlighted how attendees can leverage F5 Distributed
 Cloud security to protect hosted applications and resources.
 
 Appendix
@@ -30,7 +30,7 @@ Appendix
   * **Terraform:** https://registry.terraform.io/providers/volterraedge/volterra/latest
 
 +----------------------------------------------------------------------------------------------+
-| F5 Networks, Inc. \| f5.com                                                                  |
+| F5 Networks, Inc. /| f5.com                                                                  |
 +----------------------------------------------------------------------------------------------+
 
 +----------------------------------------------------------------------------------------------+

docs/class2/intro.rst

@@ -23,14 +23,15 @@ Cloud Services will be configured as a SaaS Edge delivery and security service
 tier to a publicly hosted web application. The key elements lab attendees will
 interact with are as follows:
 
-- F5 Distributed Cloud Console
-- F5 Distributed Cloud Global Network / Application Delivery Network (ADN)
-- Publicly hosted application (Public Cloud)
+* F5 Distributed Cloud Console
+* F5 Distributed Cloud Global Network / Application Delivery Network (ADN)
+* Publicly hosted application (Public Cloud)
 
 |intro001|
 
+
 Task 2: F5 Distributed Cloud Console Login
-==========================================
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 The following will guide you through the initial Lab environment access within
 the F5 Distributed Cloud Console.  You should have received an email with an
@@ -67,8 +68,11 @@ proceed to the first step below to access the F5 Distributed Cloud Lab Tenant.
    appear.
 
    |intro002|
+
    |intro003|
+
    |intro004|
+
    |intro005|
 
 
@@ -84,6 +88,7 @@ proceed to the first step below to access the F5 Distributed Cloud Lab Tenant.
       operations. As **some menus will be locked and not visible.*
 
    |intro006|
+
    |intro007|
 
 #. Namespaces, which provide an environment for isolating configured
@@ -109,12 +114,14 @@ proceed to the first step below to access the F5 Distributed Cloud Lab Tenant.
       available.*
 
    |intro008|
+
    |intro009|
 
 **Beginning of Lab:**  You are now ready to begin the lab, Enjoy! Ask question
 as needed.
 
-   |labbgn|
+|labbgn|
+
 
 .. |intro001| image:: _static/intro-001.png
    :width: 800px

docs/class2/lab1.rst

@@ -30,6 +30,7 @@ tenant for this lab and proceed to Task 1.
 
 **Expected Lab Time: 25 minutes**
 
+
 Task 1: Configure Load Balancer and Origin Pool
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
@@ -50,6 +51,7 @@ assign a target as an origin.
    as shown.
 
    |lab001|
+
    |lab002|
 
 .. note::
@@ -70,7 +72,6 @@ assign a target as an origin.
 
    |lab003|
 
-
 #. In the current window's left-hand navigation, click **Origins**. In the
    adjacent **Origins** section, under **Origin Pools**, click **Add Item**.
 
@@ -106,7 +107,9 @@ assign a target as an origin.
    **Apply**.
 
    |lab008|
+
    |lab009|
+
    |lab010|
 
 Task 2: Configure WAF Policy on the Load Balancer
@@ -143,6 +146,7 @@ configuration.
    become available
 
    |lab013|
+
    |lab014|
 
 
@@ -205,8 +209,6 @@ configuration.
 
    |lab020|
 
-
-
 #. Click **Documentation** in the horizontal navigation at the top of the
    screen.
 
@@ -228,7 +230,6 @@ You will now perform basic testing of the Web Application Firewall (WAF)
 Policy. You will also review the generated event data to make additional
 configuration changes.
 
-
 #. Open another tab in your browser (Chrome shown), navigate to the newly
    configured Load
 
@@ -247,7 +248,9 @@ configuration changes.
    (copy and paste to a notepad or note resource).
 
    |lab022|
+
    |lab023|
+
    |lab024|
 
 #. Returning to the F5 Distributed Cloud Console, use the left-hand menu to
@@ -261,7 +264,6 @@ configuration changes.
       *As you have not run many requests, summary analytics may not be
       available in the dashboard view yet.*
 
-
 #. Scroll to the bottom and select your load balancer.
 
    |lab026|
@@ -278,14 +280,11 @@ configuration changes.
       *Security Event data may take 15-20 seconds to populate in the Console. Please force a*
       *refresh using the Refresh icon next to the Time Period selection in step 6.*
 
-
 #. Expand one of the requests and note the **Information** tab link. This
    summarizes request details and provides request duration timing.
 
    |lab028|
 
-
-
 #. Click on the **JSON** link to get more data about the request.
 
 #. Click **Add Filter** as shown to see how you can filter by key identifiers.
@@ -319,7 +318,6 @@ configuration changes.
       *Individual forensic categories can be changed using the noted pencil
       icon to surface additional top data details.*
 
-
 #. Using the left-hand navigation, click **Dashboards** and then select
    **Security Dashboard**.
 
@@ -365,8 +363,6 @@ configuration changes.
 
    |lab039|
 
-
-
 #. Type **req** in the open dialogue window and select **req_id** from the
    dropdown.
 
@@ -382,8 +378,6 @@ configuration changes.
 
   |lab042|
 
-
-
 #. You should now be filtered to a single "Security Event", as shown with your
    selected filter. You can expand and review the request as desired using the
    **arrow** icon.

docs/class2/lab2.rst

@@ -10,7 +10,8 @@ protect the previously configured application from advanced Bot threats.
 **Expected Lab Time: 25 minutes**
 
 Task 1: Reviewing Signature-based Bot protection
-------------------------------------------------
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
 In this task you will review the Bot signature configuration and view
 logged security events. This lab will begin back in the F5 Distributed
 Cloud Console.
@@ -49,7 +50,7 @@ Cloud Console.
    |lab005|
 
 #. Open a terminal window or DOS prompt on your respective client and issue the
-   following **curl** command: ``curl -v http://<namespace>.lab-sec.f5demos.com``.
+   following **curl** command: curl -v http://<namespace>.lab-sec.f5demos.com``.
 
 #. Observe the **User Agent** and response content.
 
@@ -79,7 +80,7 @@ Cloud Console.
 
    |lab009|
 
-#. **Optional Advanced Topic**
+   **Task 1: Optional Advanced Topic**
 
    Signature based Bot detection can be easily bypassed. By simply presenting a
    less suspicious user-agent string, a threat actor can easily bypass the
@@ -89,11 +90,15 @@ Cloud Console.
    user-agent, you will skip signature-based bot detection. For example, if you
    run the following command:
 
-   ``curl http://<namespace>.lab-sec.f5demos.com --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15'``
+   .. code:: BASH
+
+      curl 'http://<namespace>.lab-sec.f5demos.com'
+      --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15'
 
    This HTTP request will not show up in the Security Analytics however you
    will find it in Request logging.
 
+
 Task 2: Enabling F5 Distributed Cloud Bot Defense
 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
@@ -116,6 +121,7 @@ and understand its implementation.
    - **Token:** **password**
 
    |lab010|
+
    |lab011|
 
 #. In the Developer window, find the **POST** to **auth.php**. **You can also
@@ -125,6 +131,7 @@ and understand its implementation.
    that you only see limited form POST data (identity, token, & submit).
 
    |lab012|
+
    |lab013|
 
    .. warning:: *Make sure to logoff using the menu on the right of the web
@@ -135,10 +142,12 @@ and understand its implementation.
    Let’s explore how an attacker could perform credential stuffing attacks by
    using the curl command:
 
-   ``curl -v 'http://<namespace>.lab-sec.f5demos.com/auth.php'
-   -H 'Content-Type: application/x-www-form-urlencoded'
-   --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15'
-   --data-raw 'identity=user%40f5.com&token=password&submit=Submit'``
+   .. code:: BASH
+
+      curl -v 'http://<namespace>.lab-sec.f5demos.com/auth.php'
+      -H 'Content-Type: application/x-www-form-urlencoded'
+      --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15'
+      --data-raw 'identity=user%40f5.com&token=password&submit=Submit'
 
    For this application, a successful logon will have a 302 response to the
    location ./data.php?page=data
@@ -165,6 +174,7 @@ and understand its implementation.
 #. Click **Edit Configuration** in the top right-hand corner.
 
    |lab014|
+
    |lab015|
 
 #. Click **Bot Protection** in the left-hand navigation.
@@ -182,7 +192,9 @@ and understand its implementation.
 #. In the new **App Endpoint Type** window, click  **Add Item**.
 
    |lab017|
+
    |lab018|
+
    |lab019|
 
 #. In the **Application Endpoint** input the following values in the fields
@@ -198,6 +210,7 @@ and understand its implementation.
 #. Scroll to the bottom and click **Apply**.
 
    |lab020|
+
    |lab021|
 
 #. Click **Apply** on the **App Endpoint Type** window.
@@ -206,6 +219,7 @@ and understand its implementation.
    section of the **Protected App Endpoints** window, then click **Apply**.
 
    |lab022|
+
    |lab023|
 
 #. Observe that the **Bot Defense Policy** is now configured.
@@ -214,6 +228,7 @@ and understand its implementation.
    bottom on the **HTTP Load Balancer** screen, and click **Save and Exit**.
 
    |lab024|
+
    |lab025|
 
 #. Repeat Task 2 Steps 1-6.  Note you many need to close your browser and clear
@@ -231,10 +246,12 @@ and understand its implementation.
    requests and its ability to perform credential stuffing attacks. Let’s find
    out. Re-run our previously successful logon attempt:
 
-   ``curl -v 'http://<namespace>.lab-sec.f5demos.com/auth.php'
-   -H 'Content-Type: application/x-www-form-urlencoded'
-   --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15'
-   --data-raw 'identity=user%40f5.com&token=password&submit=Submit'``
+   .. code:: BASH
+
+      curl -v 'http://<namespace>.lab-sec.f5demos.com/auth.php'
+      -H 'Content-Type: application/x-www-form-urlencoded'
+      --user-agent 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2.1 Safari/605.1.15'
+      --data-raw 'identity=user%40f5.com&token=password&submit=Submit'
 
    As you can see, instead of signaling to a potential attacker that they have
    a good or bad password, we have prevented the would-be attacker from

docs/class2/lab3.rst

@@ -33,7 +33,7 @@ malicious user mitigation and actions.
    |lab003|
 
 #. Click the dropdown for **User Identification Policy** and select
-     **Add Item**.
+   **Add Item**.
 
    |lab004|
 
@@ -166,6 +166,7 @@ select **Enable**.
    bottom of the window and click the **Save and Exit** button.
 
    |lab023|
+
    |lab024|
 
 **End of Lab 3:**  This concludes Lab 3, feel free to review and test the

docs/class4/class4.rst

@@ -1,14 +1,14 @@
-F5 Distributed Cloud: API Discovery & Protection 
+F5 Distributed Cloud: API Discovery & Protection
 ================================================
 
 Welcome
 -------
 
 In this lab, participants will explore the depths of F5 Web Application
-and API Protection (WAAP) within F5 Distributed Cloud. Dive headfirst into 
-the cutting-edge world of API Discovery, uncovering what’s within, Sensitive Data 
-and Authentication State detection. Get hands-on experience as you unleash 
-the power of API Protection and API Rate Limiting.  
+and API Protection (WAAP) within F5 Distributed Cloud. Dive headfirst into
+the cutting-edge world of API Discovery, uncovering what’s within, Sensitive Data
+and Authentication State detection. Get hands-on experience as you unleash
+the power of API Protection and API Rate Limiting.
 
 Objective:
 ----------
@@ -18,26 +18,26 @@ Objective:
 -  Explore building API Discovery and Protection within F5 Distributed Cloud
 
    -  **API Discovery**: Provided via machine-based learning processes, enables visualization of the API Framework,
-      assesses use of end-points, discovers new end-points based on flows, identifies use of sensitive information,   
+      assesses use of end-points, discovers new end-points based on flows, identifies use of sensitive information,
       and enables swagger file export.
 
-   -  **API Protection**: Encompasses a set of definitions and controls to protect and secure the functions, use and 
-      endpoints of the delivered API's framework. 
+   -  **API Protection**: Encompasses a set of definitions and controls to protect and secure the functions, use and
+      endpoints of the delivered API's framework.
 
 Lab & Tasks:
 ------------
 
 -  All Lab requirements will be noted in the tasks that follow
 
--  Estimated completion time: 3 Labs approximately 15-20 minutes each
+-  Estimated completion time: 2 Labs approximately 15-20 minutes each
 
 
 .. toctree::
    :maxdepth: 2
    :caption: Labs:
    :glob:
-   
+
    intro*
    lab*
    close*
-   
+