Maxtrain.com - info@maxtrain.com - 513-322-8888 - 866-595-6863
F5 Networks Configuring BIG-IP AFM: Advanced Firewall Manager
Description
F5 Networks Configuring BIG-IP AFM Introduction:
Welcome to the F5 Networks Configuring BIG-IP AFM course. This program is designed for network operators, administrators, engineers, architects, and security professionals responsible for configuring and administering the BIG-IP Advanced Firewall Manager (AFM) system.
Throughout this course, you will dive deep into the intricacies of the BIG-IP AFM platform, exploring its powerful features and capabilities that enable robust network security.
The curriculum is carefully structured to cover a wide range of topics, including initial setup, policy configuration, firewall rule management, and advanced security features. You will learn how to leverage BIG-IP AFM’s unique functionalities to address specific network security needs, ensuring a secure and resilient network environment.
Moreover, the course is continually updated to include the latest developments and best practices in network security management. As the cyber threat landscape evolves, it is crucial to stay abreast of emerging challenges and the latest defensive technologies. This course provides insights into the most recent updates and enhancements in the BIG-IP AFM system, preparing you to tackle current and future security threats effectively.
By the end of this course, you will have developed a comprehensive understanding of BIG-IP AFM and be equipped with the skills to implement, manage, and optimize its features for maximum network security.
Course Objectives
This course offers an in-depth exploration of the BIG-IP AFM system, covering a broad spectrum of topics from basic setup to advanced security measures. You’ll acquire hands-on experience in configuring and maintaining the system. Here’s what the course covers:
- Dive into BIG-IP AFM system management, from basic setup to advanced security. This course encompasses:
- BIG-IP System Basics: Learn the essentials of setup, configuration, licensing, module provisioning, network settings, and support resources.
- AFM & Firewall Configuration: Explore AFM’s role in security, manage the Network Firewall, and understand rule lists, policies, and monitoring tools like Packet Tester and Flow Inspector.
- Logging and Monitoring: Master event log analysis, logging profiles, and efficient log management. Get familiar with BIG-IP’s logging mechanisms and customization.
- IP Intelligence & DoS Defense: Study IP Intelligence database setup, dynamic lists, and DoS attack mitigation techniques, including Device DoS protection and signature utilization.
- Reporting and Analytics: Utilize AFM’s reporting tools for network insights, learn to manage and schedule reports, and create custom monitoring widgets.
- Advanced Security Topics: Delve into complex areas such as DoS White Lists, Flood Protection, DNS Firewall, and Network Firewall iRules for enhanced network security.
Audience
- This course is intended for network administrators, operators, engineers, architects, and security professionals responsible for managing the day-to-day operation and administration of a BIG-IP application delivery network.
Prerequisites
- To make the most of this course, it’s recommended that participants have a solid understanding of the OSI model, TCP/IP addressing and routing, WAN and LAN environments, and server redundancy concepts.
F5 Networks Configuring BIG-IP AFM Course Outline
Setting up the BIG-IP System
- Introduction to the BIG-IP System
- Initial setup and configuration
- Archiving configurations and utilizing support resources
AFM Overview and Network Firewall
- Understanding AFM’s role and availability
- Exploring AFM and the BIG-IP Security Menu
- Configuring Network Firewall for traffic processing and rules
- Rule lists, schedules, and policies
- Using Packet Tester and Flow Inspector for checking connections
Logs
- Event logs and logging profiles
- Limiting log messages with log throttling
- Enabling logging in firewall rules
- BIG-IP logging mechanisms
- Custom search facility and logging configuration changes
IP Intelligence
- Dynamic white and blacklists
- IP Intelligence database, licensing, and configuration
- Troubleshooting IP Intelligence
- IP Intelligence iRule
DoS Protection
- Denial of Service (DoS) overview
- Device DoS protection and configuration
- Automatic threshold configuration and dynamic signatures
- Device DoS profiles and DoS iRules
Reports
- AFM reporting facilities and data export
- Managing reporting settings and scheduling reports
- Examining AFM status and creating custom widgets
DoS White Lists
- Bypassing DoS checks with white lists
- Configuring DoS white lists per profile
DoS Sweep Flood Protection
- Isolating bad clients with Sweep Flood
- Configuring Sweep Flood protection
IP Intelligence Shun
- Manual and dynamic shunning configuration
- Extending the shun feature
DNS Firewall
- Filtering DNS traffic with DNS Firewall
- Configuring DNS Firewall and logging events
DNS DoS
- DNS DoS overview and configuration
SIP DoS
- Session Initiation Protocol (SIP) and its configuration
Port Misuse
- Port Misuse and Service Policies
- Building a Port Misuse policy and creating a log profile
Network Firewall iRules
- Overview of iRules events and configuration
$2310.00
|
2 Days Course |