Hakkında
This course uses lectures and hands-on exercises to
give participants real-time experience in setting up and configuring the BIG-IP
Advanced Firewall Manager (AFM) system. Students are introduced to the AFM user
interface, stepping through various options that demonstrate how AFM is
configured to build a network firewall and to detect and protect against DoS
(Denial of Service) attacks. Reporting and log facilities are also explained
and used in the course labs. Further Firewall functionality and additional DoS
facilities for DNS and SIP traffic are discussed.
Önkoşullar
Students must complete one of the following F5 prerequisites before attending this course:
The following free web-based courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience.
The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:
- OSI model encapsulation
- Routing and switching
- Ethernet and ARP
- TCP/IP concepts
- IP addressing and subnetting
- NAT and private IP addressing
- Default gateway
- Network firewalls
- LAN vs. WAN
The following course-specific knowledge and experience is suggested before attending this course:
Instructor-led training: 2 days with hands-on lab practiceVirtual instructor-led training: 2 days of web-based classes with hands-on lab practice
Kurs Hedefleri
- Configure and manage an AFM
system
- Configure AFM Network
Firewall in a positive or negative security model
- Configure Network Firewall
to allow or deny network traffic using rules based on protocol, source,
destination, geography, and other predicate types
- Prebuild firewall rules
using lists and schedule components
- Enforce firewall rules
immediately or test them using policy staging
- Use Packet Tester and Flow
Inspector features to check network connections against your security
configurations for Network Firewall, IP intelligence and DoS features
- Configure various IP
Intelligence features to identify, record, allow or deny access by IP
address
- Configure the Device DoS
detection and mitigation feature to protect the BIG-IP device and all
applications from multiple types of attack vectors
- Configure DoS detection and
mitigation on a per-profile basic to protect specific applications from
attack
- Use DoS Dynamic Signatures
to automatically protect the system from DoS attacks based on long term
traffic and resource load patterns
- Configure and use the AFM
local and remote log facilities
- Configure and monitor AFM’s
status with various reporting facilities
- Export AFM system reports to
your external monitoring system directly or via scheduled mail
- Allow chosen traffic to
bypass DoS checks using Whitelists
- Isolate potentially bad
clients from good using the Sweep Flood feature
- Isolate and re-route
potentially bad network traffic for further inspection using IP
Intelligence Shun functionality
- Restrict and report on
certain types of DNS requests using DNS Firewall
- Configure, mitigate, and
report on DNS based DoS attacks with the DNS DoS facility
- Configure, mitigate, and
report on SIP based DoS attacks with the SIP DoS facility
- Configure, block, and report
on the misuse of system services and ports using the Port Misuse feature
- Build and configure Network
Firewall rules using BIG-IP iRules
- Be able to monitor and do
initial troubleshooting of various AFM functionality
Ders İçeriği
- Configuration and management
of the BIG-IP AFM system
- AFM Network Firewall
concepts
- Network firewall options and
modes
- Network firewall rules,
policies, address/port lists, rule lists and schedules
- IP Intelligence facilities
of dynamic black and white lists, IP reputation database and dynamic IP
shunning.
- Detection and mitigation of
DoS attacks
- Event logging of firewall
rules and DoS attacks
- Reporting and notification
facilities
- DoS Whitelists
- DoS Sweep/Flood
- DNS Firewall and DNS DoS
- SIP DoS
- Port Misuse
- Network Firewall iRules
- Various AFM component
troubleshooting commands
Kimler Katılmalı
This course is intended
for system and network administrators responsible for the configuration and
ongoing administration of a BIG-IP Advanced Firewall Manager (AFM) system.
v14.0'dan Sonraki Temel Değişiklikler
Updates for the
v15.1 release include a new chapter covering AFM functionality and associated
data flow, new steps to create IP Intelligence policies and feed lists, details
of a new DoS mitigation option, and tmsh command line firewall rule statistics
monitoring. Course material including student guide and labs steps have been
updated for some product changes to GUI appearance and screen options.
There were no
releases of this course for AFM versions 14.1 or 15.0; the previous release was
version 14.0.
