این دوره بصورت فشرده شامل سرفصل دوره های F5 BIG-IP Administration & Troubleshooting، F5 BIG-IP DNS Administration و F5 BIG-IP AFM Administration می باشد. قطعا جهت آشنایی حرفه ای تر و درک عمیق تر سرفصل های این دوره، گذراندن دوره Advanced + Workshop نیز پیشنهاد می شود.

 

 

پیش‌ نیاز دوره:

  • Network+
  •  Security Concepts & Terminology
  • DNS Protocol

مدت زمان دوره: 100 ساعت

مدرس دوره: مهندس پرهام امام جمعه

سرفصل دوره:

 

F5 BIG-IP Administration and Troubleshooting

  • Application Delivery Controller – Deployment Method
  • BIG-IP Terminology and Concepts
  • VLAN, Self-IP, Floating-IP and Access Management
  • Pool, Pool Member and Node
  • Configuration of Different Pool Monitors
  • NAT, SNAT and DNAT configuration
  • Full-proxy Architecture with NAT Operation
  • Configuration of Important Traffic Profiles
  • HA (High Availability) Configuration and Fail-safe
  • Hardware Diagnostics
  • TMSH Commands for BIG-IP Administration
  • TCPDUMP Command for Traffic Capturing
  • AOM (Always-On Management)
  • Leveraging iHealth to Check Functional Status of Device
  • Software and Configuration Maintenance
  • Creating Backup Files and Restoring Backup
  • Administrative Partitions
  • Different User Roles
  • F5 BIG-IP Maintenance
  • External APIs, Programming or Automation Interfaces
  • F5 Support Resources and Tools
  • APPENDIX: TMOS v12.0, v13.0, v14.0, v15.0 (New Features)

 

F5 BIG-IP DNS Administration

  • Overview of Domain Name System
  • Introduction to BIG-IP DNS/GTM
  • BIG-IP DNS Objects/Resources
  • DNS Listener Virtual Servers
  • Prober Pools to Assist Intelligent DNS Resolution
  • GSLB and Intelligent DNS Load-balancing Methods
  • iQuery and Communications Between BIG-IP Systems
  • Configuring BIG-IP DNS Sync Groups
  • Technical Overview of DNS Profile
  • Accelerating DNS Resolution with DNS Express
  • Securing DNS Communications with DNSSEC
  • Accelerating DNS Resolution with DNS Cache
  • DoH (DNS – over – HTTPS)
  • Using iRule Scripts in DNS Resolution Process
  • Top Dangerous DNS Attacks and Defenses

 

F5 BIG-IP AFM Administration

  • Introduction to BIG-IP AFM System
  • F5-AFM (Network Firewall + DDoS Engine)
  • Network Firewall Options and Modes
  • Flow Eviction Policy
  • Firewall NAT for IP and Port Translation
  • Firewall Rules, Policies, Address/Port/Rule Lists
  • IP Intelligence and Whitelists/Blacklists
  • PSP (Protocol Security Profiles) – DNS and HTTP
  • PIP (Protocol Inspection Profiles) – IPS
  • DoS Attacks Detection and Mitigation
  • DoS Whitelists, Sweep/Flood, SYN Cookie Protection
  • DNS Firewall, DNS DoS, SIP DoS
  • DDoS-Resistant Architecture (Three-tier Solution)
  • DoS Attacks Reporting and Event Logging
  • Network Firewall (AFM) iRules
  • Administration and Troubleshooting BIG-IP AFM Components