This lab exists to provide hands-on experience with the integration between ZIA, CrowdStrike Falcon, and Okta through relevant use cases. First, this lab can be used to see how the integration between CrowdStrike Falcon and ZIA can ensure administrators have end-to-end insight into the threat landscape to minimize attack surface and deliver rapid threat detection and response. On top of this, the lab allows users to see how Okta can integrate with both CrowdStrike and Zscaler to strengthen a company's Zero Trust profile, enhance threat detection during authentication and monitor the intersection of security and access management.

Explore NGINX One, an all-in-one platform that integrates the best of NGINX's offerings into a unified package that includes a cloud-based dashboard and access to F5 Distributed Cloud. Customers get advanced load balancing, web and application server capabilities, API gateway functionalities, and security features. The goal of NGINX One is to provide unparalleled performance, security, and scalability for modern applications, whether they are deployed in the cloud, on-premises, or in hybrid environments.

F5 Distributed Cloud WAF deployed on Regional Edge and App Connect Deployment mode. This deployment model offers an optimal solution for scenarios where backend applications are inaccessible from the internet, lacking a Fully Qualified Domain Name (FQDN) or Public IP. In this case Customer Edge sites can be deployed to connect these "private" customer sites to the XC Global Network via IPSEC tunnels opened from Distributed Cloud Customer Edges to the closes two REs sites. Distributed Cloud WAF is deployed on the Regional Edges, where the services are being advertised to the Internet through anycast IPs. Customer Edges are being deployed on the customer sites and connect to the closest RE and traffic will be inspected by the WAAF security policy. The traffic will then be forwarded across the distributed cloud global network towards an egress Regional Edge and then over an IPSEC tunnel to the Customer edge site where it will be forwarded to the backend applications as pure IP-based traffic.

In this lab, users will experience F5 Distributed Cloud Web App and API protection (WAAP), where organizations can simplify their path to effective security without sacrificing continued business innovation and customer demand. An API-driven approach to application protection enables improved collaboration between networks, security operations, and developers. This lab will use Terraform to deploy a Web App and API protection solution that protects an existing application

This WWT Lab will provide a hand on experience of F5 Distributed Cloud WAF deployed on Regional Edge in deployment mode. This deployment mode is better suited when protecting backend applications which are already public accessible from the internet via FQDN or Public IP. F5 Distributed Cloud WAF is deployed on the Regional Edges, where the services are being advertised to the internet through anycast IPs. The end users will connect to their closest Regional Edge and the traffic will be inspected by the WAF security policy. The traffic will then be forwarded across the XC Global Network towards an egress Regional Edge and then towards the customer site as regular internet traffic. The customer will filter the traffic, only allowing traffic forwarded by the XC platform.

Explore the essential features of CyberArk Privileged Access Security (PAS) in this lab, showcasing its capabilities in managing and auditing privileged accounts across Windows and Linux environments. Discover how CyberArk PAS enhances security through automated password management and secure session monitoring.

This lab provides a hands-on introduction to API security and visibility using F5 Distributed Cloud Web App and API Protection (XC WAAP). As APIs continue to grow in number and complexity, they have become a primary target for cyberattacks. This lab explores how to discover, document, and secure both known and shadow APIs using the platform's API Discovery, Schema Validation, and Security Dashboards. Participants will learn how to: Send traffic through the F5 HTTPS Load Balancer to trigger API Discovery and the API Crawler Automatically generate and maintain an API inventory, including undocumented shadow APIs Apply OpenAPI Schema Validation to enforce API conformity and detect anomalies Gain deep insights through advanced API Security Dashboards, including threat levels, sensitive data exposure, authentication status, and risk scores Understand the importance of integrating DevSecOps practices by leveraging IaC and GitHub Actions for API protection deployment By the end of this lab, users will gain critical visibility into their API ecosystem, identify vulnerabilities, and take actionable steps to secure both documented and undocumented APIs—helping to bring shadow APIs into the light.

In the current AI market, the demand for scalable and secure deployments is increasing. Public cloud providers (AWS, Google, and Microsoft) are competing to provide GenAI infrastructure, driving the need for multi-cloud and hybrid cloud deployments. However, distributed deployments come with challenges, including: Complexity in managing multi-cloud environments. Lack of unified visibility across clouds. Inconsistent security and policy enforcement. F5 Distributed Cloud provides a solution by offering a seamless, secure, and portable environment for GenAI workloads across clouds. This lab will guide you through setting up and securing GenAI applications with F5 Distributed Cloud on AWS EKS and GCP GKE.