Configuring BIG-IP AFM: Advanced Firewall Manager (TRG-BIG-

AFM-CFG)

ID TRG-BIG-AFM-CFG Prezzo 1.900,– € (IVA esclusa) Durata 2 Giorni

Course Overview The following general network technology knowledge and

experience are recommended before attending any F5 Global
This course uses lectures and hands-on exercises to give Training Services instructor-led course:
participants real-time experience in setting up and configuring the
BIG-IP Advanced Firewall Manager (AFM) system. Students are OSI model encapsulation
introduced to the AFM user interface, stepping through various Routing and switching
options that demonstrate how AFM is configured to build a network Ethernet and ARP
TCP/IP concepts
firewall and to detect and protect against DoS (Denial of Service)
IP addressing and subnetting
attacks. Reporting and log facilities are also explained and used in NAT and private IP addressing
the course labs. Further Firewall functionality and additional DoS Default gateway
facilities for DNS and SIP traffic are discussed. Network firewalls
LAN vs. WAN

Chi dovrebbe partecipare The following course-specific knowledge and experience is

suggested before attending this course:
This course is intended for network operators, network
administrators, network engineers, network architects, security HTTP and DNS protocols
administrators, and security architects responsible for installation,
setup, configuration, and administration of the BIG-IP AFM system.
Obiettivi del Corso

Configure and manage an AFM system

Prerequisiti
Configure AFM Network Firewall in a positive or negative
security model
Students must complete one of the following F5 prerequisites Configure Network Firewall to allow or deny network traffic
before attending this course: using rules based on protocol, source, destination,
geography, and other predicate types
Administering BIG-IP (TRG-BIG-OP-ADMIN) instructor-led Prebuild firewall rules using lists and schedule components
course Enforce firewall rules immediately or test them using policy
or staging
F5 Certified BIG-IP Administrator Use Packet Tester and Flow Inspector features to check
network connections against your security configurations
The following free web-based courses, although optional, will be for Network Firewall, IP intelligence and DoS features
very helpful for any student with limited BIG-IP administration and Configure various IP Intelligence features to identify,
record, allow or deny access by IP address
configuration experience. These courses are available at F5
Configure the Device DoS detection and mitigation feature
University:
to protect the BIG-IP device and all applications from
multiple types of attack vectors
Getting Started with BIG-IP web-based training Configure DoS detection and mitigation on a per-profile
Getting Started with BIG-IP Local Traffic Manager (LTM) basic to protect specific applications from attack
web-based training Use DoS Dynamic Signatures to automatically protect the
Getting Started with BIG-IP Advanced Firewall Manager system from DoS attacks based on long term traffic and
(AFM) web-based training resource load patterns

www.flane.de / www.flane.ch
 Configure and use the AFM local and remote log facilities Chapter 2: AFM Overview
Configure and monitor AFM’s status with various reporting
facilities AFM Overview
Export AFM system reports to your external monitoring AFM Availability
system directly or via scheduled mail AFM and the BIG-IP Security Menu
Allow chosen traffic to bypass DoS checks using Whitelists
Isolate potentially bad clients from good using the Sweep Chapter 3: Network Firewall
Flood feature
Isolate and re-route potentially bad network traffic for AFM Firewalls
further inspection using IP Intelligence Shun functionality Contexts
Restrict and report on certain types of DNS requests using Modes
DNS Firewall Packet Processing
Configure, mitigate, and report on DNS based DoS attacks Rules and Direction
with the DNS DoS facility Rules Contexts and Processing
Configure, mitigate, and report on SIP based DoS attacks Inline Rule Editor
with the SIP DoS facility Configuring Network Firewall
Configure, block, and report on the misuse of system Network Firewall Rules and Policies
services and ports using the Port Misuse feature Network Firewall Rule Creation
Build and configure Network Firewall rules using BIG-IP Identifying Traffic by Region with Geolocation
iRules Identifying Redundant and Conflicting Rules
Be able to monitor and do initial troubleshooting of various Identifying Stale Rules
AFM functionality Prebuilding Firewall Rules with Lists and Schedules
Rule Lists
Address Lists
Contenuti del Corso Port Lists
Schedules
Setting up the BIG-IP System Network Firewall Policies
AFM Overview Policy Status and Management
Network Firewall Other Rule Actions
Logs Redirecting Traffic with Send to Virtual
IP Intelligence Checking Rule Processing with Packet Tester
DoS Protection Examining Connections with Flow Inspector
Reports
DoS White Lists Chapter 4: Logs
DoS Sweep Flood Protection
IP Intelligence Shun Event Logs
DNS Firewall Logging Profiles
DNS DoS Limiting Log Messages with Log Throttling
SIP DoS Enabling Logging in Firewall Rules
Port Misuse BIG-IP Logging Mechanisms
Network Firewall iRules Log Publisher
Recap Log Destination
Additional Training and Certification Filtering Logs with the Custom Search Facility
Logging Global Rule Events
Log Configuration Changes
Contenuti dettagliati del Corso QKView and Log Files
SNMP MIB
Chapter 1: Setting up the BIG-IP System SNMP Traps

Introducing the BIG-IP System

Chapter 5: IP Intelligence
Initially Setting Up the BIG-IP System
Archiving the BIG-IP System Configuration Overview
Leveraging F5 Support Resources and Tools IP Intelligence Policy
Feature 1 Dynamic White and Blacklists

www.flane.de / www.flane.ch
 Black List Categories Chapter 10: IP Intelligence Shun
Feed Lists
Applying an IP Intelligence Policy Overview
IP Intelligence Log Profile Manual Configuration
IP Intelligence Reporting Dynamic Configuration
Troubleshooting IP Intelligence Lists IP Intelligence Policy
Feature 2 IP Intelligence Database tmsh options
Licensing Troubleshooting
Installation Extending the Shun Feature
Linking the Database to the P Intelligence Policy Route this Traffic to Nowhere - Remotely Triggered Black
Troubleshooting Hole
IP Intelligence iRule Route this Traffic for Further Processing - Scrubber

Chapter 6: DoS Protection Chapter 11: DNS Firewall

Denial of Service and DoS Protection Overview Filtering DNS Traffic with DNS Firewall
Device DoS Protection Configuring DNS Firewall
Configuring Device DoS Protection DNS Query Types
Variant 1 DoS Vectors DNS Opcode Types
Variant 2 DoS Vectors Logging DNS Firewall Events
Automatic Configuration or Automatic Thresholds Troubleshooting
Variant 3 DoS Vectors
Device DoS Profiles Chapter 12: DNS DoS
DoS Protection Profile
Dynamic Signatures Overview
Dynamic Signatures Configuration DNS DoS
DoS iRules Configuring DNS DoS
DoS Protection Profile
Chapter 7: Reports Device DoS and DNS

AFM Reporting Facilities Overview Chapter 13: SIP DoS

Examining the Status of Particular AFM Features
Exporting the Data Session Initiation Protocol (SIP)
Managing the Reporting Settings Transactions and Dialogs
Scheduling Reports SIP DoS Configuration
Troubleshooting Scheduled Reports DoS Protection Profile
Examining AFM Status at High Level Device DoS and SIP
Mini Reporting Windows (Widgets)
Building Custom Widgets Chapter 14: Port Misuse
Deleting and Restoring Widgets
Dashboards Overview
Port Misuse and Service Policies
Chapter 8: DoS White Lists Building a Port Misuse Policy
Attaching a Service Policy
Bypassing DoS Checks with White Lists Creating a Log Profile
Configuring DoS White Lists
tmsh options Chapter 15: Network Firewall iRules
Per Profile Whitelist Address List
Overview
Chapter 9: DoS Sweep Flood Protection iRule Events
Configuration
Isolating Bad Clients with Sweep Flood When to use iRules
Configuring Sweep Flood More Information

www.flane.de / www.flane.ch
Chapter 16: Recap

BIG-IP Architecture and Traffic Flow

AFM Packet Processing Overview

Chapter 17: Additional Training and Certification

Getting Started Series Web-Based Training

F5 Instructor Led Training Curriculum
F5 Professional Certification Program

www.flane.de / www.flane.ch
 Chi è Fast Lane
Fast Lane è uno dei leader mondiali nella formazione IT, e offre soluzioni
formative complete su tutte le tecnologie avanzate Cisco, Microsoft,
Amazon Web Sevices (AWS), Google Cloud, Red Hat, Aruba Networks,I Servizi I Servizi
FastFast Lane
Lane
VMware, Palo Alto Networks, NetApp, CertNexus, IBM (grazie alla3 Formazione 3 Formazione IT High
IT High EndEnd
partnership con Arrow ECS, IBM Global Training Provider), ITIL® e molto altro.3 Formazione
3 Formazione Business
Business & Soft
& Soft SkillSkill
3 Servizi
3 Servizi di Consulenza
di Consulenza
Formazione basata sulle esigenze del cliente 3 Servizi
3 Servizi di Formazione
di Formazione Aziendale
Aziendale
Seguire un corso con Fast Lane non significa unicamente 3 Soluzioni
Soluzioni
3 di di Digital
Digital Learning
Learning
apprendere fondamentali nozioni teoriche. Gli 3 Sviluppo
istruttori,3 Sviluppo di Contenuti
di Contenuti
Laboratori
utilizzando laboratori all’avanguardia, forniscono agli studenti3 Laboratori Remoti
3 Remoti
3 Servizi
esperienze pratiche di problem solving su situazioni che possono3 Servizi Gestionali
Gestionali di Eventi
di Eventi
verificarsi nell’ambiente lavorativo, trasferendo conoscenze che
potranno essere sfruttate immediatamente, incrementando così laMetodologie
Metodologie Formative
Formative
produttività e l’efficienza sul lavoro. 3 Formazione
3 Formazione in Aula
in Aula
3 Formazione
3 Formazione Online
Online concon Istruttore
Istruttore
Gli istruttori contribuiscono in prima persona allo sviluppo di corsi su3 FLEX Classroom – Formazione Ibrida
3 FLEX Classroom – Formazione Ibrida
tecnologie avanzate ed emergenti, al fine di garantire agli studenti l’accesso In Aula
In Aula e Online
e Online
ad una formazione sempre aggiornata. 3 Formazione
Formazione
3 Onsite
Onsite & Personalizzata
& Personalizzata
3 E-Learning
3 E-Learning
3 Formazione
3 Formazione Blended
Blended & Ibrida
& Ibrida

PlatinumPlatinum
LearningLearning
Partner Partner

Tecnologie
Tecnologie & Soluzioni
& Soluzioni
3 Digital
3 Digital Transformation
Transformation
3 Artificial
3 Artificial Intelligence
Intelligence
3 Cloud
3 Cloud
3 Networking
3 Networking
3 Cyber
3 Cyber Security
Security
3 Wireless
3 Wireless & Mobility
& Mobility
3 Modern
3 Modern Workplace
Workplace
AUTHORIZEDAUTHORIZED

3 Data
3 Data Center
Center
Training Provider
Training Provider

Presenza Worlwide Molteplici premi ricevuti Istruttori Certificati

Siamo presenti con centri di Dai principali vendor del settore IT: Oltre 19.000 certificazioni
formazione in oltre 60 paesi Cisco, AWS, Google, NetApp, VMware tecnologiche complessive

Per approfondimenti e per ricevere supporto nella definizione

di un percorso formativo, contattare il numero 02 255081 o
scrivere a info@flane.it

Sul sito www.flane.it è possibile visualizzare:

• L’offerta formativa completa
• I percorsi di certificazione
• Webinar e articoli tecnici gratuiti

www.flane.it info@flane.it

Powered by TCPDF (www.tcpdf.org)