二、 课程简介

Overview:
    This course provides the foundation to manage, configure and monitor advanced features and components of Citrix NetScaler 9.0 Platinum Edition. Interactive discussion and hands-on labs guide learners through advanced administration tasks.

Who Should Attend:
    This course is intended for system administrators or network operations personnel, who configure and administer Citrix NetScaler products.

At Course Completion:
    Upon successful completion of this course, learners are able to complete the following:
    - Identify common web attacks and vulnerabilities
    - Write PERL compatible regular expressions
    - Configure Citrix Application Firewall? 9.0 to protect web applications
    - Troubleshoot Citrix Application Firewall 9.0
    - Install and configure Citrix EdgeSight for NetScaler to monitor web application performance
    - Install, configure, and use Citrix Command Center to manage NetScaler devices
    - Configure and use additional advanced features of NetScaler 9.0 including NetScaler Web Logging, HTTP Callout, and AAA authentication for web applications
Prerequisite Comments:
    Before taking this course, Citrix recommends that learners have the following knowledge and experience: Experience with configuring NetScaler systems, including an understanding of services, virtual servers, and policies ? Experience with network devices, such as routers and switches, various networking protocols and aspects of application and site architectures (such as DMZs and VLANs) ? Knowledge of network security threats and site protection concepts such as firewalls, worms, and DDoS attacks ? Understanding of concepts related to monitoring and management including basics of SNMP ? Attended one of the following courses o CNS-200-1I - Basic Administration for Citrix NetScaler 9.0 o NS-BOA Citrix NetScaler Basic Operations and Administration o CTX-1730 Citrix NetScaler: Basic Operations, and CTX-1731 Citrix NetScaler: Administration o Or, equivalent experience with Citrix NetScaler version 6.1, 7.0, 8.0, 8.1 or 9.0

Outline:

Lesson 1: Advanced Troubleshooting
    Troubleshooting Resources
    NetScaler System Overview
    nCore Configuration Architecture
    Built-In Tools
    Third-Party Tools

Lesson 2: Introducing Application Firewall
    Application Attacks
    The Benefits of Application Firewall
    Payment Card Industry Data Security Standard
    Profiles and Policies

Lesson 3: Profiles and Policies
    Profiles
    Policies
    Engine Settings

Lesson 4: Regular Expressions
    Regular Expressions
    Forms of Regular Expressions
    Using Regular Expressions
    Metacharacters and Literal Characters
    Metacharacters
    Escapes
    Quantifiers
    Backreferencing
    Lookaheads
    Regular Expression Scope

Lesson 5: Attacks and Protections
    Security Checks
    HTTPS Web Applications
    Buffer Overflow Exploits
    Buffer Overflow Protection
    Parameter Manipulation
    Server Misconfiguration
    Deny URL Protection
    SQL Injection
    HTML SQL Injection Protection
    Command Injection
    Field Format Protection
    Cookie Tampering and Poisoning
    Cookie Consistency Protection
    Form/Hidden Field Manipulation
    Form Field Consistency Protection
    Forceful Browsing
    Start URLs
    Backdoors and Misconfigurations
    URL Closure
    Identity Theft Attacks
    Credit Card Protection
    Protecting Credit Cards
    Errors Triggering Sensitive Information Leaks
    Safe Object Protection

Lesson 6: Application Firewall Troubleshooting
    Application Firewall and Applications
    Configuration Issues

Lesson 7: Queuing and Connection Tuning
    HTTP Connections
    HTTP Connection Management and NetScaler HTTP Behavior
    TCP Buffering
    Surge Queue
    Surge Protection
    Priority Queuing
    HTTP Denial-of-Service Protection
    IP Rate Limiting

Lesson 8: Authentication, Authorization, and Auditing
    Users, Groups and Command Policies
    External Authentication for System Users
    AAA for Traffic Management
    Configuration
    Audit Logging

Lesson 9: HTTP Service Callouts
    HTTP Callouts
    Configuring HTTP Callouts
    HTTP Callout Use Cases

Lesson 10: EdgeSight for NetScaler
    Data Flow Overview
    JavaScript Response Injection
    EdgeSight for NetScaler Server Components
    EdgeSight for NetScaler Installation Considerations
    Reporting Services Initial Configuration
    EdgeSight Charts and Reports
    EdgeSight Troubleshooting

Lesson 11: Command Center
    Command Center Introduction
    Command Center Clients
    Server Requirements
    Port Setting Requirements
    Command Center Functionality
    Command Center Administration
    Command Center Troubleshooting

Lesson 12: NetScaler Web Logging
    NetScaler Web Logging Introduction
    NetScaler System Configuration
    NSWL Client Installation
    NSWL Client Configuration
    Troubleshooting Web Logging

三、 企业团体定制介绍
   1、可提供团体定制培训，为企业量身定做。
   2、咨询热线：13122257700、021-64472947
   3、电子邮件：training@vip.163.com