Consulting Training Blog Careers About Us Contact Us

F5 Networks Configuring BIG-IP AFM v13: Advanced Firewall Manager Training

Upcoming Classes

Sorry, nothing scheduled right now. Click the Get Notified button below to be alerted when a class is scheduled.

Get Notified

On Site/Private

Can't find a class that fits right for you? Contact us to inquire about scheduling your own private class

Contact Us

Description

This course uses lectures and hands-on exercises to give participants real-time experience in setting up and configuring the BIG-IP Advanced Firewall Manager (AFM) system. Students are introduced to the AFM user interface, stepping through various options that demonstrate how AFM is configured to build a network firewall and to detect and protect against DoS (Denial of Service) attacks. Reporting and log facilities are also explained and used in the course labs. Further Firewall functionality and additional DoS facilities for DNS and SIP traffic are discussed.

Bring This Course To You

For groups of 5 or more, let Intertech bring this course to your location. Customized versions tailored towards your objectives are also available.

Learn More

Audience

This course is intended for network operators, network administrators, network engineers, network architects, security administrators, and security architects responsible for installation, setup, configuration, and administration of the BIG-IP AFM system.

Prerequisites

This course is intended for network operators, network administrators, network engineers, network architects, security administrators, and security architects responsible for installation, setup, configuration, and administration of the BIG-IP AFM system.

Course Outline

Lesson 1 : Setting up the BIG-IP System

Introducing the BIG-IP System 
Initially Setting Up the BIG-IP System 
Archiving the BIG-IP Configuration 
Leveraging F5 Support Resources and Tools 
Chapter Resources 
BIG-IP System Setup Labs

Lesson 2 : AFM Overview and Network Firewall

AFM Overview 
AFM Release History 
AFM Availability 
What do you see? 
Terminology 
Network Firewall 
AFM Contexts 
AFM Modes 
AFM Packet Processing 
AFM Rules and Direction 
Rules Contexts and Processing 
Configuring Network Firewall 
Network Firewall Rules 
Geolocation 
Redundant and Conflicting Rules 
Stale Rules 
Lists and Schedules 
Rule Lists 
Address Lists 
Port Lists 
Schedules 
Policies 
Policy Status and Firewall Policy Management 
Inline Rule Editor 
Send to Virtual 
Packet Tester

Lesson 3 : Logs

Overview 
Event Logs 
Logging Profiles 
Log Throttling 
Logging and Logging Profiles 
BIG-IP Logging Mechanisms 
Publisher 
Log Destination 
Custom Search 
Logging Global Rule Events 
Log Configuration Changes 
QKView and Log Files 
SNMP MIB 
SNMP Traps

Lesson 4 : IP Intelligence

Overview 
Feature 1 Dynamic Black and White Lists 
Black List Categories 
Feed Lists 
IP Intelligence Policies 
IP Intelligence Log Profile 
IP Intelligence Reporting 
Troubleshooting IP Intelligence Lists 
Feature 2 IP Intelligence Database 
Licensing 
Installation 
Configuration 
Troubleshooting 
IP Intelligence iRule

Lesson 5 : Device DoS

Denial of Service and DoS Protection Overview 
Device DoS 
Configuring Device DoS 
Variant 1 
Variant 2 
Auto-Threshold Configuration 
Variant 3 
Bad Actor and Blacklist Address 
Device DoS Profiles 
DoS Protection Profile 
Dynamic Signatures 
DoS iRules

Lesson 6 : Reports

Reports 
Reporting 
General Reporting Facilities 
Time Series Chart 
Details 
Report Export 
DoS Screens 
Dashboard 
Analysis 
Custom Page 
Settings 
Scheduled Reports 
Troubleshooting Scheduled Reports 
Overview 
Summary 
Widgets 
Custom Widgets 
Deleting and Restoring Widgets 
Firewall Manager

Lesson 7 : DoS White Lists

White Lists 
Configuration 
tmsh 
Source Address List

Lesson 8 : DoS Sweep Flood Protection

Sweep Flood 
Configuration

Lesson 9 : IP Intelligence Shun

IP Intelligence Shun 
Manual Configuration 
Dynamic Configuration 
IP Intelligence Policy 
tmsh 
Extending the Shun Feature 
Remotely Triggered Black Hole 
Scrubber

Lesson 10 : DNS Firewall

DNS Firewall 
Configuration 
DNS Query 
DNS Opcodes 
Logging 
Troubleshooting

Lesson 11 : DNS DoS

DNS DoS 
Configuration 
DoS Protection Profile 
Device DoS

Lesson 12 : SIP DoS

Session Initiation Protocol (SIP) 
Transactions and Dialogs 
SIP DoS Configuration 
DoS Protection Profile 
Device DoS 
SIP iRules

Lesson 13 : Network Firewall iRules

Network Firewall iRules 
iRule Events 
Configuration 
Recommended Practice 
More Information

Lesson 14 : Port Misuse

Port Misuse 
Port Misuse Policy 
Attaching a Service Policy 
Log Profile

 

Free Resources from Intertech

Free On-Demand Video Bundle: IoT, Agile/Scrum, and Leadership

Free Whitepaper: Design and Code Review Checklist

Free Recorded Webinar - Creating Dynamic LINQ Statements with Expression Trees

X