fbpx

F5 Configuring BIG-IP AFM: Advanced Firewall Manager

Course Duration

2 Days

Target Audience

This course is intended for system and network administrators responsible for the configuration and ongoing administration of a BIG-IP Advanced Firewall Manager (AFM) system.

Prerequisites

The following course-specific knowledge and experience is suggested before attending this course:HTTP and DNS protocols

Course Outline

Course Overview

This course uses lectures and hands-on exercises to give participants real-time experience in setting up and configuring the BIG-IP Advanced Firewall Manager (AFM) system. Students are introduced to the AFM user interface, stepping through various options that demonstrate how AFM is configured to build a network firewall and to detect and protect against DoS (Denial of Service) attacks. Reporting and log facilities are also explained and used in the course labs. Further Firewall functionality and additional DoS facilities for DNS and SIP traffic are discussed.

Key Learning Objectives

      • Configure and manage an AFM system
      • Configure AFM Network Firewall in a positive or negative security model
      • Configure Network Firewall to allow or deny network traffic using rules based on protocol, source, destination, geography, and other predicate types
      • Prebuild firewall rules using lists and schedule components
      • Enforce firewall rules immediately or test them using policy staging
      • Use Packet Tester and Flow Inspector features to check network connections against your security configurations for Network Firewall, IP intelligence and DoS features
      • Configure various IP Intelligence features to identify, record, allow or deny access by IP address
      • Configure the Device DoS detection and mitigation feature to protect the BIG-IP device and all applications from multiple types of attack vectors
      • Configure DoS detection and mitigation on a per-profile basic to protect specific applications from attack
      • Use DoS Dynamic Signatures to automatically protect the system from DoS attacks based on long term traffic and resource load patterns
      • Configure and use the AFM local and remote log facilities
      • Configure and monitor AFM’s status with various reporting facilities
      • Export AFM system reports to your external monitoring system directly or via scheduled mail
      • Allow chosen traffic to bypass DoS checks using Whitelists
      • Isolate potentially bad clients from good using the Sweep Flood feature
      • Isolate and re-route potentially bad network traffic for further inspection using IP Intelligence Shun functionality
      • Restrict and report on certain types of DNS requests using DNS Firewall
      • Configure, mitigate, and report on DNS based DoS attacks with the DNS DoS facility
      • Configure, mitigate, and report on SIP based DoS attacks with the SIP DoS facility
      • Configure, block, and report on the misuse of system services and ports using the Port Misuse feature
      • Build and configure Network Firewall rules using BIG-IP iRules
      • Be able to monitor and do initial troubleshooting of various AFM functionality

What Our Students Say

Learning Today, Leading Tomorrow

JOB SEEKER

Want to start out in the lucrative IT sector, armed with skills in a specific technology?

STUDENT

Entering the workforce and want to improve job prospects?

EMPLOYEE

Looking for your next promotion or need some additional certification skills?

ENTERPRISE

Do you have an immediate need to upskill your IT Team, but no training budget?

Hottest Cybersecurity Jobs Of 2022

PCNSE Certified Security Engineer

Palo Alto Networks Certified Network Security Engineer

Average Salaries in 2022: $91,000 * USD

A Palo Alto Certified Network Security Engineer (PCNSE) is a professional that is tasked to maintain and install the network security of an organization. Engineer delivers support, assessment, and research into the deployed Palo Alto Networks equipment’s processes and issues. The engineer will assume responsibility as the expert of the Palo Alto Networks products, such as firewall, IPS/IDS, and VPN, among others.

Payscale (as of September 2022)

Cybersecurity Engineer

Cybersecurity Engineer

Average Salaries in 2022: $109,749 * USD

Cybersecurity Engineers, sometimes called Information Security Engineers, identify threats and vulnerabilities in systems and software, then apply their skills to developing and implementing high-tech solutions to defend against hacking, malware and ransomware, insider threats and all types of cybercrime.

ZipRecruiter (as of April 2022)

Security Analyst

Security Analyst

Average Salaries in 2022: $83,549 * USD

Security Analysts are ultimately responsible for ensuring that the company’s digital assets are protected from unauthorized access. This includes securing both online and on-premise infrastructures, weeding through metrics and data to filter out suspicious activity, and finding and mitigating risks before breaches occur.

ZipRecruiter (as of April 2022)

Penetration Tester

Penetration Tester

Average Salaries in 2022: $105,984 * USD

Penetration Testers help organizations identify and resolve security vulnerabilities affecting their digital assets and computer networks

ZipRecruiter (as of April 2022).

Security Consultant

Security Consultant

Average Salaries in 2022: $87,922 * USD

A Security Consultant works as an advisor and supervisor for all security measures necessary to effectively protect a company or client’s assets. Security Consultants use their knowledge and expertise to assess possible security threats and breaches in order to prevent them and create contingency protocols and plans for when violations occur.

ZipRecruiter (as of April 2022)

Student Testimonials

“A great option that offers flexibility to your customers – the process was super simple to step through”

Luke Snell

Principal Networks

“Great course. Lots of information I can use for my job.”

R Griffin

Network Engineer

STUDY NOW PAY LATER | FLEXIBLE PAYMENT OPTIONS

USA

Learn More

Singapore

Learn More

ANZ

Learn More

How it works?

Affirm

Affirm

Get up to $17,500 USD to choose weekly, fortnightly, or monthly repayments over a repayment term of up to 24 months, with no deposit!

Student Eligibility:

  • 18 years or older.
  • American Citizen and American Resident.
  • Have a mobile phone and email address.
  • Be employed and able to service the payment plan.

More details and FAQs about Learn Now, Pay Later here.

To have your course tuition covered by Affirm, please contact us.

Atome

Atome

Get up to $3,000 SGD on a 12-month interest-free loan with Atome. Atome is a reusable account that lets you study now and pay later.

Student Eligibility:

  • 18 years or older.
  • Singapore Citizen and Singapore Resident.
  • Hold NRIC/FIN
  • Have a mobile phone and email address.
  • Be employed and able to service the payment plan.

Shop online and in-store up to your account limit, then set flexible repayments to suit your lifestyle. There’s no deposit and every purchase comes with its own interest-free period. More details and FAQ about Atome here.

To have your course tuition covered by Atome, please contact us.

Zip

Zip Money

Get up to $8,000 AUD on a 12-month interest-free loan with Zip Money.

Student Eligibility:

  • 18 years or older.
  • Australian Citizen, New Zealand Citizen, or Permanent Resident.
  • Have a mobile phone and email address.
  • Be employed and able to service the payment plan.

Zip Money is a reusable account that lets you study now and pay later. Shop online and in-store up to your account limit, then set flexible repayments to suit your lifestyle. There’s no deposit and every purchase comes with its own interest-free period. More details and FAQ about Zip Money here. To have your course tuition covered by Zip Money, please contact us.

Get Custom Advice

Fill out the form below, and we’ll give you a ring to talk through your options.

    Translate »