Training

This course is intended for system and network administrators responsible for the installation, configuration and administration of the BIG-IP LTM system.

Participants must have completed one of the following F5 pre-training courses before taking this course:

• Administering BIG-IP (TRG-BIG-OP-ADMIN)
• Certified administrator F5 BIG-IP

It is recommended that you have the following general knowledge and experience in network technology before participating in a course given by an instructor at F5 Global Training Services:

• Encapsulation of the OSI model
• Routing and switching
• Ethernet and ARP
• TCP/IP concepts
• IP address and subnet
• NAT and private IP address
• Default Gateway
• Network firewall
• LAN vs. WAN

It is advisable to acquire the following specific knowledge and experience before participating in this course:

• Distribution of web applications
• HTTP, HTTPS, FTP and SSH protocols
• TLS/SSL

At the end of the training, you will be able to:

• Save BIG-IP configuration to ensure security
• Configure virtual servers, pools, monitors, profiles and persistent objects
• Test and verify the delivery of applications by the BIG-IP system using local traffic statistics
• Configure the activation of priority groups on a load balancing pool to allow servers to only be activated when needed to process traffic
• Compare and contrast dynamic load balancing methods based on members and nodes
• Configure connection limits to place a threshold on the volume of traffic to particular pool members and nodes
• Make the difference between the persistence of cookies, SSL, SIP, universal and the persistence of affinity of the destination address, and describe the use cases for each of them.
• Describe the three persistent Match Across Services options and use cases for each of them
• Configure health monitors to properly monitor the delivery of applications via a BIG-IP system
• Configure different types of virtual services to support different types of traffic processing via a BIG-IP system
• Configure different types of SNAT to support traffic routing via a BIG-IP system
• Configure tagging and VLAN trunking
• Restrict administrative and application traffic through the BIG-IP system using packet filters, port locks and virtual server settings.
• Configure SNMP alerts and traps for remote monitoring of BIG-IP system
• Use iRules and local traffic policies appropriately to customize the delivery of applications via the BIG-IP system
• Configure BIG-IP to detect and mitigate some common network and application-layer attacks using LTM features such as SYN verification, eviction policies, iRules and local traffic policies.

• Initial BIG-IP configuration (licence, provisioning and network configuration)
• Review of BIG-IP local traffic configuration objects
• Use of dynamic load balancing methods
• Changes in traffic behaviour with persistence (including SSL, SIP, universal, and persistence of affinity of destination address)
• Health monitoring of applications with layer 3, layer 4 and layer 7 monitors (including transparent, scripted and external monitors)
• Traffic processing with virtual servers (including virtual network, transfer and reject servers)
• Traffic processing with SNAT (including SNAT pools and SNAT as auditors)
• Modification of traffic behavior using profiles (including TCP profiles, advanced HTTP profile options, cache, compression and OneConnect profiles)
• Advanced configuration options for BIG-IP LTM (including VLAN marking and trunking, SNMP functions, package filters and route domains)
• Customizing the provision of applications with iRules and local traffic policies
• Secured supply of applications using BIG-IP LTM