این دوره به صورت فشرده شامل سرفصل دوره های F5 BIG-IP Administration & Troubleshooting، F5 BIG-IP CGNAT Administration و F5 BIG-IP AFM Administration می باشد. قطعا جهت آشنایی حرفه ای تر و درک عمیق تر سرفصل های این دوره، گذراندن دوره Advanced + Workshop نیز پیشنهاد می شود.

پیش‌ نیاز دوره:

Network+

  Security Concepts & Terminology

 IPv6 & Tunneling Techniques

مدت زمان دوره: 100 ساعت

مدرس دوره: مهندس پرهام امام جمعه

سرفصل دوره:

F5 BIG-IP Administration and Troubleshooting

Application Delivery Controller – Deployment Method

BIG-IP Terminology and Concepts

VLAN, Self-IP, Floating-IP and Access Management

Pool, Pool Member and Node

Configuration of Different Pool Monitors

NAT, SNAT and DNAT configuration

Full-proxy Architecture with NAT Operation

Configuration of Important Traffic Profiles

HA (High Availability) Configuration and Fail-safe

Hardware Diagnostics

TMSH Commands for BIG-IP Administration

TCPDUMP Command for Traffic Capturing

AOM (Always-On Management)

Leveraging iHealth to Check Functional Status of Device

Software and Configuration Maintenance

Creating Backup Files and Restoring Backup

Administrative Partitions

Different User Roles

F5 BIG-IP Maintenance

External APIs, Programming or Automation Interfaces

F5 Support Resources and Tools

APPENDIX: TMOS v12.0, v13.0, v14.0, v15.0 (New Features)

F5 BIG-IP CGNAT Administration

Deploying Carrier Grade NAT

Basic NAT, SNAT and DNAT Configuration

Using NAT44 (Translating IPv4 Addresses)

IPv6 Overview

Using NAT64 (Mapping IPv6 Addresses to IPv4 Destinations)

Different CGNAT Translation Modes

Using DS-Lite with CGNAT

Deploying Stateless Network Address Translation

Using ALG Profiles

CGNAT Logging and Traceability

HA (High Availability) Configuration and Fail-safe

F5 BIG-IP AFM Administration

Introduction to BIG-IP AFM System

F5-AFM (Network Firewall + DDoS Engine)

Network Firewall Options and Modes

Flow Eviction Policy

Firewall NAT for IP and Port Translation

Firewall Rules, Policies, Address/Port/Rule Lists

IP Intelligence and Whitelists/Blacklists

PSP (Protocol Security Profiles) – DNS and HTTP

PIP (Protocol Inspection Profiles) – IPS

DoS Attacks Detection and Mitigation

DoS Whitelists, Sweep/Flood, SYN Cookie Protection

DNS Firewall, DNS DoS, SIP DoS

DDoS-Resistant Architecture (Three-tier Solution)

DoS Attacks Reporting and Event Logging

Network Firewall (AFM) iRules

Administration and Troubleshooting BIG-IP AFM Components