NetScaler 10.5 Advanced Implementation (CNS-301)

Request a Quote for this class

About this Course

This course provides the foundation to manage, configure and monitor advanced features and components of Citrix NetScaler 10.5. Interactive discussion and hands-on labs guide learners through advanced administration tasks such as troubleshooting, configuring application security with Citrix Application Firewall, tuning the NetScaler for high-traffic loads, configuring AAA for system management, and configuring advanced policies using service callouts. Advanced monitoring and management tasks such as configuring and implementing NetScaler Insight Center, Command Center, and NetScaler Web Logging are also covered. Prior NetScaler knowledge is strongly recommended. In order to successfully complete this course, learners will have access to hands-on exercises within a virtual lab environment.

This course is based on the Citrix NetScaler 10.5 product, but the skills and fundamental concepts learned are common to earlier product versions. 

 Audience Profile

This course is intended for system administrators or network operations personnel who configure and administer Citrix NetScaler products.

At Course Completion

Upon successful completion of this course, learners are able to complete the following:

  • Identify common web attacks and vulnerabilities
  • Write PERL compatible regular expressions
  • Configure Citrix Application Firewall to protect web applications
  • Troubleshoot Citrix Application Firewall
  • Install and configure Citrix Insight Center to monitor performance
  • Install, configure, and use Citrix Command Center to manage NetScaler devices
  • Configure and use additional advanced features of NetScaler including NetScaler Web Logging, HTTP callout, and AAA authentication for web applications

Prerequisites

Before taking this course, Citrix recommends that learners have the following knowledge and experience:

  • Experience configuring NetScaler systems, including an understanding of services, virtual servers, and policies
  • Experience with network devices, such as routers and switches, various networking protocols, and aspects of application and site architectures (such as DMZs and VLANs)
  • Knowledge of network security threats and site protection concepts such as firewalls, worms, and DDoS attacks
  • Understanding of concepts related to monitoring and management including basics of SNMP
  • Completion of CNS-205 Citrix NetScaler 10 Essentials and Networking or related experience

Course Outline

1. Advanced Troubleshooting

  • Troubleshooting Resources
  • NetScaler System Overview
  • nCore Configuration Architecture
  • Built-In Tools
  • Real-Time Performance Statistics
  • Historical Statistics
  • Third-Party Tools

2. Introducing Application Firewall

  • Application Attacks
  • The Benefits of Application Firewall
  • Payment Card Industry Data Security Standard
  • Packet Processing Inspection
  • Profiles and Policies

3. Profiles and Policies

  • Profiles
  • Policies
  • Engine Settings

4. Regular Expressions

  • Regular Expressions
  • Forms of Regular Expressions
  • Using Regular Expressions
  • Metacharacters and Literal Characters
  • Metacharacters
  • Escapes
  • Quantifiers
  • Backreferencing
  • Lookaheads
  • Regular Expression Scope

5. Attacks and Protections

  • Security Checks
  • HTTPS Web Applications
  • Buffer Overflow Exploits
  • Buffer Overflow Protection
  • Parameter Manipulation o Server Misconfiguration o Deny URL Protection
  • SQL Injection
  • HTML SQL Injection Protection
  • Command Injection
  • Field Format Protection
  • Cookie Tampering and Poisoning
  • Cookie Consistency Protection
  • Form/Hidden Field Manipulation
  • Form Field Consistency Protection
  • Forceful Browsing
  • Start URLs
  • Backdoors and Misconfigurations
  • URL Closure
  • Identity Theft Attacks
  • Credit Card Protection
  • Protecting Credit Cards
  • Errors Triggering Sensitive Information Leaks
  • Safe Object Protection

6. Application Firewall Troubleshooting

  • Application Firewall and Applications
  • Configuration Issues

7. Queuing and Connection Tuning

  • HTTP Connections
  • HTTP Connection Management and NetScaler HTTP Behavior
  • TCP Buffering
  • Surge Queue
  • Surge Protection
  • Priority Queuing
  • HTTP Denial-of-Service Protection

8. Authentication, Authorization, and Auditing

  • Users, Groups and Command Policies
  • External Authentication for System Users
  • AAA for Traffic Management
  • Configuration
  • Audit Logging

9. AppExpert Rate Limiting, HTTP Service Callout, and Policy-based Logging

  • HTTP Callouts
  • Configuring HTTP Callouts
  • HTTP Callout Use Cases
  • Configuring Rate Control
  • Rate Control Policy Scenarios
  • Policy-based Logging

10. Command Center

  • Command Center Introduction
  • Command Center Clients
  • Server Requirements
  • Port Setting Requirements
  • Command Center Installation
  • Command Center Functionality
  • Command Center Administration

11. Insight Center

  • Insight Center Overview
  • AppFlow on the NetScaler System
  • How Insight Center Collects AppFlow Data
  • HDX Insight
  • HTML Injection

12. NetScaler Web Logging

  • NetScaler Web Logging Introduction
  • NetScaler System Configuration
  • NSWL Client Installation
  • NSWL Client Configuration
  • Troubleshooting Web Logging