این دوره به صورت فشرده شامل سرفصل دورههای F5 BIG-IP Administration & Troubleshooting، F5 BIG-IP DNS Administration و F5 BIG-IP AFM Administration میباشد. قطعا جهت آشنایی حرفهایتر و درک عمیقتر سرفصلهای این دوره، گذراندن دوره Advanced + Workshop نیز پیشنهاد میشود.
پیش نیاز دوره:
Network+
Security Concepts & Terminology
DNS Protocol
مدت زمان دوره: 100 ساعت
مدرس دوره: مهندس پرهام امام جمعه
سرفصل دوره:
F5 BIG-IP Administration and Troubleshooting
Application Delivery Controller – Deployment Method
BIG-IP Terminology and Concepts
VLAN, Self-IP, Floating-IP and Access Management
Pool, Pool Member and Node
Configuration of Different Pool Monitors
NAT, SNAT and DNAT configuration
Full-proxy Architecture with NAT Operation
Configuration of Important Traffic Profiles
HA (High Availability) Configuration and Fail-safe
Hardware Diagnostics
TMSH Commands for BIG-IP Administration
TCPDUMP Command for Traffic Capturing
AOM (Always-On Management)
Leveraging iHealth to Check Functional Status of Device
Software and Configuration Maintenance
Creating Backup Files and Restoring Backup
Administrative Partitions
Different User Roles
F5 BIG-IP Maintenance
External APIs, Programming or Automation Interfaces
F5 Support Resources and Tools
APPENDIX: TMOS v12.0, v13.0, v14.0, v15.0 (New Features)
F5 BIG-IP DNS Administration
Overview of Domain Name System
Introduction to BIG-IP DNS/GTM
BIG-IP DNS Objects/Resources
DNS Listener Virtual Servers
Prober Pools to Assist Intelligent DNS Resolution
GSLB and Intelligent DNS Load-balancing Methods
iQuery and Communications Between BIG-IP Systems
Configuring BIG-IP DNS Sync Groups
Technical Overview of DNS Profile
Accelerating DNS Resolution with DNS Express
Securing DNS Communications with DNSSEC
Accelerating DNS Resolution with DNS Cache
DoH (DNS – over – HTTPS)
Using iRule Scripts in DNS Resolution Process
Top Dangerous DNS Attacks and Defenses
F5 BIG-IP AFM Administration
Introduction to BIG-IP AFM System
F5-AFM (Network Firewall + DDoS Engine)
Network Firewall Options and Modes
Flow Eviction Policy
Firewall NAT for IP and Port Translation
Firewall Rules, Policies, Address/Port/Rule Lists
IP Intelligence and Whitelists/Blacklists
PSP (Protocol Security Profiles) – DNS and HTTP
PIP (Protocol Inspection Profiles) – IPS
DoS Attacks Detection and Mitigation
DoS Whitelists, Sweep/Flood, SYN Cookie Protection
DNS Firewall, DNS DoS, SIP DoS
DDoS-Resistant Architecture (Three-tier Solution)
DoS Attacks Reporting and Event Logging
Network Firewall (AFM) iRules
Administration and Troubleshooting BIG-IP AFM Components