F5 Networks Configuring BIG-IP AFM: Advanced Firewall Manager

Students are introduced to the AFM user interface, stepping through various options that demonstrate how AFM is configured to build a network firewall and to detect and protect against DoS (Denial of Service) attacks. Reporting and log facilities are also explained and used in the course labs. Further Firewall functionality and additional DoS facilities for DNS and SIP traffic are discussed.

Course Outline

Lesson 1 : Setting Up the BIG-IP System

  • Introducing the BIG-IP System

  • Initially Setting Up the BIG-IP System

  • Archiving the BIG-IP Configuration

  • Leveraging F5 Support Resources and Tools


Lesson 2 : AFM Overview and Network Firewall

  • AFM Overview

  • AFM Release History

  • AFM Availability

  • What do you see?

  • Terminology

  • Network Firewall

  • AFM Contexts

  • AFM Modes

  • AFM Packet Processing

  • AFM Rules and Direction

  • Rules Contexts and Processing

  • Configuring Network Firewall

  • Network Firewall Rules

  • Geolocation

  • Redundant and Conflicting Rules

  • Stale Rules

  • Lists and Schedules

  • Rule Lists

  • Address Lists

  • Port Lists

  • Schedules

  • Policies

  • Policy Status and Firewall Policy Management

  • Inline Rule Editor


Lesson 3 : Logs

  • Event Logs

  • Logging Profiles

  • Log Throttling

  • Traffic Flow Statistics

  • Logging and Logging Profiles

  • BIG-IP Logging Mechanisms

  • Publisher

  • Log Destination

  • Custom Search

  • Logging Global Rule Events

  • Log Configuration Changes

  • QKView

  • Other Log Files

  • SNMP MIB

  • SNMP Traps


Lesson 4 : IP Intelligence

  • Overview

  • Architecture

  • Feature 1 Dynamic Black and White Lists

  • Black List Categories

  • Feed Lists

  • IP Intelligence Policies

  • IP Intelligence Log Profile

  • IP Intelligence Reporting

  • Troubleshooting IP Intelligence Lists

  • Feature 2 IP Intelligence Database

  • Licensing

  • Installation

  • Configuration

  • Troubleshooting

  • IP Intelligence


Lesson 5 : Device DoS

  • Policies

  • Policy Status and Firewall Policy Management

  • Inline Rule Editor


Lesson 6 : Reports

  • Reports

  • Reporting

  • General Reporting Facilities

  • Charts

  • Details

  • Report Export

  • Network Screens

  • DoS Screens

  • Settings

  • Overview

  • Summary

  • Widgets

  • Time Periods, Settings, Export, and Delete Options

  • Firewall Manager


Lesson 7 : DoS White Lists

  • White Lists

  • Configuration

  • tmsh


Lesson 8 : DoS Sweep Flood Protection

  • Sweep Flood

  • Configuration


Lesson 9 : IP Intelligence Shun

  • IP Intelligence Shun

  • Manual

  • Dynamic

  • IP Intelligence Policy

  • tmsh

  • Troubleshooting


Lesson 10 : DNS Firewall

  • DNS Firewall

  • DNS Query

  • DNS Opcodes

  • Troubleshooting


Lesson 11 : DNS DoS

  • DNS DoS

  • DoS Protection Profile

  • Device DoS


Lesson 12 : SIP DoS

  • Session Initiation Protocol (SIP)

  • Transactions and Dialogs

  • SIP DoS

  • DoS Protection Profile

  • Device DoS

  • SIP iRules


Lesson 13 : Network Firewall iRules

  • Network Firewall iRules

  • iRule Events

  • Use Cases

  • Recommended Practice

  • More Information


Lesson 14 : DoS iRules

  • DoS iRules

  • iRule Events

  • Use Cases

  • More Information


Lesson 15 : Additional Training and Certification

  • Getting Started Series Web-Based Training

  • F5 Instructor Led Training Curriculum

  • F5 Professional Certification Program

Audience

This course is intended for network operators, network administrators, network engineers, network architects, security administrators, and security architects responsible for installation, setup, configuration, and administration of the BIG-IP Advanced Firewall Manager (AFM) system.

Available Course Dates

10/18/2017 10:00 am - 10/19/2017 6:00 pm
12/06/2017 10:00 am - 12/07/2017 6:00 pm
Click here to sign up for this class