Scribd
Upload
192 views5 pages

F5 Networks Configuring BIG-IP AFM: Advanced Firewall Manager

This document provides an overview of a course on configuring F5 Networks' BIG-IP Advanced Firewall Manager (AFM). The course uses lectures and hands-on exercises to teach students how to set up and configure the AFM system to build a network firewall, detect and protect against denial-of-service attacks, and utilize AFM's reporting and logging facilities. The course objectives cover a wide range of AFM features including network firewall configuration, IP intelligence, denial-of-service protection, reporting, and integrating AFM with iRules. The course outline lists 14 lessons that progress from initial BIG-IP system setup to advanced topics like DNS and SIP denial-of-service protection.

Uploaded by

mohammad
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
192 views5 pages

F5 Networks Configuring BIG-IP AFM: Advanced Firewall Manager

This document provides an overview of a course on configuring F5 Networks' BIG-IP Advanced Firewall Manager (AFM). The course uses lectures and hands-on exercises to teach students how to set up and configure the AFM system to build a network firewall, detect and protect against denial-of-service attacks, and utilize AFM's reporting and logging facilities. The course objectives cover a wide range of AFM features including network firewall configuration, IP intelligence, denial-of-service protection, reporting, and integrating AFM with iRules. The course outline lists 14 lessons that progress from initial BIG-IP system setup to advanced topics like DNS and SIP denial-of-service protection.

Uploaded by

mohammad
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 5

SUNSET LEARNING INSTITUTE

CLOUD TECHNOLOGY TRAINING PROVIDER


EDUCATE. INNOVATE. OPTIMIZE.

F5 Networks Configuring BIG-IP AFM: Advanced Firewall Manager


COURSE OVERVIEW:
This course uses lectures and hands-on exercises to give participants real-time experience in setting up and
configuring the BIG-IP Advanced Firewall Manager (AFM) system. Students are introduced to the AFM user interface,
stepping through various options that demonstrate how AFM is configured to build a network firewall and to detect
and protect against DoS (Denial of Service) attacks. Reporting and log facilities are also explained and used in the
course labs. Further Firewall functionality and additional DoS facilities for DNS and SIP traffic are discussed.

WHO WILL BENEFIT FROM THIS COURSE?


This course is intended for network operators, network administrators, network engineers, network architects,
security administrators, and security architects responsible for installation, setup, configuration, and
administration of the BIG-IP AFM system.

PREREQUISITES:
Administering BIG-IP, OSI model, TCP/IP addressing and routing, WAN, LAN environments, and server redundancy
concepts; or having achieved TMOS Administration Certification.

COURSE OBJECTIVES:
• Configure and manage an AFM system
• Configure AFM Network Firewall in a positive or negative security model
• Configure Network Firewall to allow or deny network traffic using rules based on protocol, source,
destination, geography, and other predicate types
• Prebuild firewall rules using lists and schedule components
• Enforce firewall rules immediately or test them using policy staging
• Use Packet Tester and Flow Inspector features to check network connections against your security
configurations for Network Firewall, IP intelligence and DoS features
• Configure various IP Intelligence features to identify, record, allow or deny access by IP address
• Configure the Device DoS detection and mitigation feature to protect the BIG-IP device and all
applications from multiple types of attack vectors
• Configure DoS detection and mitigation on a per-profile basic to protect specific applications from attack
• Use DoS Dynamic Signatures to automatically protect the system from DoS attacks based on long term
traffic and resource load patterns
• Configure and use the AFM local and remote log facilities
• Configure and monitor AFM’s status with various reporting facilities
• Export AFM system reports to your external monitoring system directly or via scheduled mail
• Allow chosen traffic to bypass DoS checks using Whitelists
• Isolate potentially bad clients from good using the Sweep Flood feature
• Isolate and re-route potentially bad network traffic for further inspection using IP Intelligence Shun
functionality
• Restrict and report on certain types of DNS requests using DNS Firewall
• Configure, mitigate, and report on DNS based DoS attacks with the DNS DoS facility
• Configure, mitigate, and report on SIP based DoS attacks with the SIP DoS facility
• Configure, block, and report on the misuse of system services and ports using the Port Misuse feature
• Build and configure Network Firewall rules using BIG-IP iRules
• Be able to monitor and do initial troubleshooting of various AFM functionality

SUNSET LEARNING INSTITUTE | 888.888.5251 | WWW.SUNSETLEARNING.COM


SUNSET LEARNING INSTITUTE
CLOUD TECHNOLOGY TRAINING PROVIDER
EDUCATE. INNOVATE. OPTIMIZE.

COURSE OUTLINE:
Lesson 1: Setting up the BIG-IP System
• Introducing the BIG-IP System
• Initially Setting Up the BIG-IP System
• Archiving the BIG-IP System Configuration
• Leveraging F5 Support Resources and Tools
Lesson 2: AFM Overview and Network Firewall
• AFM Overview
• AFM Availability
• AFM and the BIG-IP Security Menu
• Explaining F5 Terminology
• Network Firewall
• Contexts
• Modes
• Packet Processing
• Rules and Direction
• Rules Contexts and Processing
• Inline Rule Editor
• Configuring Network Firewall
• Network Firewall Rules and Policies
• Network Firewall Rule Creation
• Identifying Traffic by Region with Geolocation
• Identifying Redundant and Conflicting Rules
• Identifying Stale Rules
• Prebuilding Firewall Rules with Lists and Schedules
• Rule Lists
• Address Lists
• Port Lists
• Schedules
• Network Firewall Policies
• Policy Status and Management
• Other Rule Actions
• Redirecting Traffic with Send to Virtual
• Checking Rule Processing with Packet Tester
• Examining Connections with Flow Inspector
Lesson 3: Logs
• Event Logs
• Logging Profiles
• Limiting Log Messages with Log Throttling
• Enabling Logging in Firewall Rules
• BIG-IP Logging Mechanisms

SUNSET LEARNING INSTITUTE | 888.888.5251 | WWW.SUNSETLEARNING.COM


SUNSET LEARNING INSTITUTE
CLOUD TECHNOLOGY TRAINING PROVIDER
EDUCATE. INNOVATE. OPTIMIZE.

• Log Publisher
• Log Destination
• Filtering Logs with the Custom Search Facility
• Logging Global Rule Events
• Log Configuration Changes
• QKView and Log Files
• SNMP MIB
• SNMP Traps
Lesson 4: IP Intelligence
• Overview
• Feature 1 Dynamic White and Black Lists
• Black List Categories
• Feed Lists
• IP Intelligence Policies
• IP Intelligence Log Profile
• IP Intelligence Reporting
• Troubleshooting IP Intelligence Lists
• Feature 2 IP Intelligence Database
• Licensing
• Installation
• Configuration
• Troubleshooting
• IP Intelligence iRule
Lesson 5: DoS Protection
• Denial of Service and DoS Protection Overview
• Device DoS Protection
• Configuring Device DoS Protection
• Variant 1 DoS Vectors
• Variant 2 DoS Vectors
• Automatic Threshold Configuration
• Variant 3 DoS Vectors
• Device DoS Profiles
• DoS Protection Profile
• Dynamic Signatures
• Dynamic Signatures Configuration
• DoS iRules
Lesson 6: Reports
• AFM Reporting Facilities Overview
• Examining the Status of Particular AFM Features
• Exporting the Data
• Managing the Reporting Settings

SUNSET LEARNING INSTITUTE | 888.888.5251 | WWW.SUNSETLEARNING.COM


SUNSET LEARNING INSTITUTE
CLOUD TECHNOLOGY TRAINING PROVIDER
EDUCATE. INNOVATE. OPTIMIZE.
• Scheduling Reports
• Examining AFM Status at High Level
• Mini Reporting Windows (Widgets)
• Building Custom Widgets
• Deleting and Restoring Widgets
• Dashboards
Lesson 7: DoS White Lists
• Bypassing DoS Checks with White Lists
• Configuring DoS White Lists
• tmsh options
• Per Profile Whitelist Address List
Lesson 8: DoS Sweep Flood Protection
• Isolating Bad Clients with Sweep Flood
• Configuring Sweep Flood
Lesson 9: IP Intelligence Shun
• Overview
• Manual Configuration
• Dynamic Configuration
• IP Intelligence Policy
• tmsh options
• Extending the Shun Feature
• Route this Traffic to Nowhere - Remotely Triggered Black Hole
• Route this Traffic for Further Processing - Scrubber
Lesson 10: DNS Firewall
• Filtering DNS Traffic with DNS Firewall
• Configuring DNS Firewall
• DNS Query Types
• DNS Opcode Types
• Logging DNS Firewall Events
• Troubleshooting
Lesson 11: DNS DoS
• Overview
• DNS DoS
• Configuring DNS DoS
• DoS Protection Profile
• Device DoS and DNS
Lesson 12: SIP DoS
• Session Initiation Protocol (SIP)
• Transactions and Dialogs
• SIP DoS Configuration
• DoS Protection Profile
• Device DoS and SIP

SUNSET LEARNING INSTITUTE | 888.888.5251 | WWW.SUNSETLEARNING.COM


SUNSET LEARNING INSTITUTE
CLOUD TECHNOLOGY TRAINING PROVIDER
EDUCATE. INNOVATE. OPTIMIZE.

Lesson 13: Port Misuse


• Overview
• Port Misuse and Service Policies
• Building a Port Misuse Policy
• Attaching a Service Policy
• Creating a Log Profile
Lesson 14: Network Firewall iRules
• Overview
• iRule Events
• Configuration
• When to use iRules
• More Information

SUNSET LEARNING INSTITUTE (SLI) DIFFERENTIATORS:


Sunset Learning Institute (SLI) has been an innovative leader in developing and delivering authorized technical
training since 1996. Our goal is to help our customers optimize their cloud technology investments by providing
convenient, high quality technical training that our customers can rely on. We empower students to master their
desired technologies for their unique environments.

What sets SLI apart is not only our immense selection of trainings options, but our convenient and consistent delivery
system. No matter how complex your environment is or where you are located, SLI is sure to have a training solution
that you can count on!

Premiere World Class Instruction Team


• All SLI instructors have a four-year technical degree, instructor level certifications and field consulting work
experience.
• Sunset Learning has won numerous Instructor Excellence and Instructor Quality Distinction awards since
2012

Enhanced Learning Experience


• The goal of our instructors during class is ensure students understand the material, guide them through our
labs and encourage questions and interactive discussions.

Convenient and Reliable Training Experience


• You have the option to attend classes at any of our established training facilities or from the convenience
of your home or office with the use of our HD-ILT network (High Definition Instructor Led Training)
• All Sunset Learning Institute classes are guaranteed to run – you can count on us to deliver the training you
need when you need it!

Outstanding Customer Service


• Dedicated account manager to suggest the optimal learning path for you and your team
• Enthusiastic Student Services team available to answer any questions and ensure a quality training
experience

SUNSET LEARNING INSTITUTE | 888.888.5251 | WWW.SUNSETLEARNING.COM

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy