Visão Geral

Este Curso F5 Networks Configuring BIG-IP AFM, utiliza palestras e exercícios práticos para proporcionar aos participantes experiência em tempo real na instalação e configuração do sistema BIG-IP Advanced Firewall Manager (AFM). Os alunos são apresentados à interface de usuário do AFM, percorrendo diversas opções que demonstram como o AFM é configurado para construir um firewall de rede e para detectar e proteger contra ataques DoS (Denial of Service). Os recursos de relatórios e registros também são explicados e usados ​​nos laboratórios do curso. São discutidas outras funcionalidades do Firewall e recursos adicionais de DoS para tráfego DNS e SIP.

Publico Alvo

Este Curso F5 Networks Configuring BIG-IP AFM é destinado a operadores de rede, administradores de rede, engenheiros de rede, arquitetos de rede, administradores de segurança e arquitetos de segurança responsáveis ​​pela instalação, instalação, configuração e administração do sistema BIG-IP AFM.

Pre-Requisitos

• Administração de BIG-IP, modelo OSI, endereçamento e roteamento TCP/IP, ambientes WAN, LAN e conceitos de redundância de servidores; ou ter obtido a Certificação de Administração TMOS

Materiais

Conteúdo Programatico

Setting up the BIG-IP System

1. Introducing the BIG-IP System
2. Initially Setting Up the BIG-IP System
3. Archiving the BIG-IP System Configuration
4. Leveraging F5 Support Resources and Tools

AFM Overview

1. AFM Overview
2. AFM Availability
3. AFM and the BIG-IP Security Menu

Network Firewall

1. AFM Firewalls
2. Contexts
3. Modes
4. Packet Processing
5. Rules and Direction
6. Rules Contexts and Processing
7. Inline Rule Editor
8. Configuring Network Firewall
9. Network Firewall Rules and Policies
10. Network Firewall Rule Creation
11. Identifying Traffic by Region with Geolocation
12. Identifying Redundant and Conflicting Rules
13. Identifying Stale Rules
14. Prebuilding Firewall Rules with Lists and Schedules
15. Rule Lists
16. Address Lists
17. Port Lists
18. Schedules
19. Network Firewall Policies
20. Policy Status and Management
21. Other Rule Actions
22. Redirecting Traffic with Send to Virtual
23. Checking Rule Processing with Packet Tester
24. Examining Connections with Flow Inspector

Logs

1. Event Logs
2. Logging Profiles
3. Limiting Log Messages with Log Throttling
4. Enabling Logging in Firewall Rules
5. BIG-IP Logging Mechanisms
6. Log Publisher
7. Log Destination
8. Filtering Logs with the Custom Search Facility
9. Logging Global Rule Events
10. Log Configuration Changes
11. QKView and Log Files
12. SNMP MIB
13. SNMP Traps

 IP Intelligence

1. Overview
2. IP Intelligence Policy
3. Feature 1 Dynamic White and Black Lists
4. Black List Categories
5. Feed Lists
6. IP Intelligence Log Profile
7. IP Intelligence Reporting
8. Troubleshooting IP Intelligence Lists
9. Feature 2 IP Intelligence Database
10. Licensing
11. Installation
12. Configuration
13. Troubleshooting
14. IP Intelligence iRule

DoS Protection

1. Denial of Service and DoS Protection Overview
2. Device DoS Protection
3. Configuring Device DoS Protection
4. Variant 1 DoS Vectors
5. Variant 2 DoS Vectors
6. Automatic Threshold Configuration
7. Variant 3 DoS Vectors
8. Device DoS Profiles
9. DoS Protection Profile
10. Dynamic Signatures
11. Dynamic Signatures Configuration
12. DoS iRules

Reports

1. AFM Reporting Facilities Overview
2. Examining the Status of Particular AFM Features
3. Exporting the Data
4. Managing the Reporting Settings
5. Scheduling Reports
6. Examining AFM Status at High Level
7. Mini Reporting Windows (Widgets)
8. Building Custom Widgets
9. Deleting and Restoring Widgets
10. Dashboards

DoS White Lists

1. Bypassing DoS Checks with White Lists
2. Configuring DoS White Lists
3. tmsh options
4. Per Profile Whitelist Address List

DoS Sweep Flood Protection

1. Isolating Bad Clients with Sweep Flood
2. Configuring Sweep Flood

 IP Intelligence Shun

1. Overview
2. Manual Configuration
3. Dynamic Configuration
4. IP Intelligence Policy
5. tmsh options
6. Extending the Shun Feature
7. Route this Traffic to Nowhere – Remotely Triggered Black Hole
8. Route this Traffic for Further Processing – Scrubber

DNS Firewall

1. Filtering DNS Traffic with DNS Firewall
2. Configuring DNS Firewall
3. DNS Query Types
4. DNS Opcode Types
5. Logging DNS Firewall Events
6. Troubleshooting

DNS DoS

1. Overview
2. DNS DoS
3. Configuring DNS DoS
4. DoS Protection Profile
5. Device DoS and DNS

 SIP DoS

1. Session Initiation Protocol (SIP)
2. Transactions and Dialogs
3. SIP DoS Configuration
4. DoS Protection Profile
5. Device DoS and SIP

 Port Misuse

1. Overview
2. Port Misuse and Service Policies
3. Building a Port Misuse Policy
4. Attaching a Service Policy
5. Creating a Log Profile

Network Firewall iRules

1. Overview
2. iRule Events
3. Configuration
4. When to use iRules
5. More Information

 Recap

1. BIG-IP Architecture and Traffic Flow
2. AFM Packet Processing Overview