Configuring BIG-IP Local Traffic Manager (LTM)

This course gives network professionals a functional understanding of BIG-IP Local Traffic Manager (LTM), introducing students to both commonly used and advanced LTM features. Incorporating lecture, extensive hands-on labs, and classroom discussion, the course helps students build the well-rounded skill set needed to manage BIG-IP LTM systems as part of a flexible and high performance application delivery network.

Kursinhalt

BIG-IP initial setup (licensing, provisioning, and network configuration)
A review of BIG-IP local traffic configuration objects
Using dynamic load balancing methods
Modifying traffic behavior with persistence (including SSL, SIP, universal, and destination address affinity persistence)
Monitoring application health with Layer 3, Layer 4, and Layer 7 monitors (including transparent, scripted, and external monitors)
Processing traffic with virtual servers (including network, forwarding, and reject virtual servers)
Processing traffic with SNATs (including SNAT pools and SNATs as listeners)
Modifying traffic behavior with profiles (including TCP profiles, advanced HTTP profile options, caching, compression, and OneConnect profiles)
Advanced BIG-IP LTM configuration options (including VLAN tagging and trunking, SNMP features, packet filters, and route domains)
Deploying application services with iApps
Customizing application delivery with iRules and local traffic policies
Securing application delivery using BIG-IP LTM

Jeder Teilnehmer erhält die englischsprachigen Original-Unterlagen von F5 Networks in elektronischer Form.

Zielgruppe

This course is intended for network operators, network administrators, network engineers, network architects, security administrators, and security architects responsible for installation, setup, configuration, and administration of the BIG-IP LTM system.

Voraussetzungen

Students are required to complete one of the following F5 prerequisites before attending this course:

Administering BIG-IP (instructor-led course)
F5 Certified BIG-IP Administrator
The following free web-based courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience. These courses are available at F5 University:
Getting Started with BIG-IP web-based training
Getting Started with BIG-IP Local Traffic Manager (LTM) web-based training

The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:
OSI model encapsulation
Routing and switching
Ethernet and ARP
TCP/IP concepts
IP addressing and subnetting
NAT and private IP addressing
Default gateway
Network firewalls
LAN vs. WAN

The following course-specific knowledge and experience is suggested before attending this course:
Web application delivery
HTTP, HTTPS, FTP and SSH protocols
TLS/SSL

Chapter 1: Setting Up the BIG-IP System

•Introducing the BIG-IP System

•Initially Setting Up the BIG-IP System

•Archiving the BIG-IP Configuration

•Leveraging F5 Support Resources and Tools

Chapter 2: Reviewing Local Traffic Configuration

•Reviewing Nodes, Pools, and Virtual Servers

•Reviewing Address Translation

•Reviewing Routing Assumptions

•Reviewing Application Health Monitoring

•Reviewing Traffic Behavior Modification with Profiles

•Reviewing the TMOS Shell (TMSH)

•Reviewing Managing BIG-IP Configuration Data

Chapter 3: Load Balancing Traffic with LTM

•Exploring Load Balancing Options

•Using Priority Group Activation and Fallback Host

•Comparing Member and Node Load Balancing

Chapter 4: Modifying Traffic Behavior with Persistence

•Reviewing Persistence

•Introducing Cookie Persistence

•Introducing SSL Persistence

•Introducing SIP Persistence

•Introducing Universal Persistence

•Introducing Destination Address Affinity Persistence

•Using Match Across Options for Persistence

Chapter 5: Monitoring Application Health

•Differentiating Monitor Types

•Customizing the HTTP Monitor

•Monitoring an Alias Address and Port

•Monitoring a Path vs. Monitoring a Device

•Managing Multiple Monitors

•Using Application Check Monitors

•Using Manual Resume and Advanced Monitor Timer Settings

Chapter 6: Processing Traffic with Virtual Servers

•Understanding the Need for Other Virtual Server Types

•Forwarding Traffic with a Virtual Server

•Understanding Virtual Server Order of Precedence

•Path Load Balancing

Chapter 7: Processing Traffic with SNATs

•Overview of SNATs

•Using SNAT Pools

•SNATs as Listeners

•SNAT Specificity

•VIP Bounceback

•Additional SNAT Options

•Network Packet Processing Review

Chapter 8: Modifying Traffic Behavior with Profiles

•Profiles Overview

•TCP Express Optimization

•TCP Profiles Overview

•HTTP Profile Options

•OneConnect

•Offloading HTTP Compression to BIG-IP

•HTTP Caching

•Stream Profiles

•F5 Acceleration Technologies

Chapter 9: Selected Topics

•VLAN, VLAN Tagging, and Trunking

•Restricting Network Access

•SNMP Features

•Segmenting Network Traffic with Route Domains

Chapter 10: Deploying Application Services with iApps

•Simplifying Application Deployment with iApps

•Using iApps Templates

•Deploying an Application Service

•Leveraging the iApps Ecosystem on DevCentral

Chapter 11: Customizing Application Delivery with iRules and Local Traffic Policies

•Getting Started with iRules

•Triggering an iRule

•Introducing iRule Constructs

•Leveraging the DevCentral Ecosystem

•Deploying and Testing iRules

•Getting Started with Local Traffic Policies

•What Can You Do with a Local Traffic Policy?

•How Does a Local Traffic Policy Work?

•Understanding Local Traffic Policy Workflow

•Introducing the Elements of a Local Traffic Policy

•Specifying the Matching Strategy

•What Are Rules?

•Understanding Requires and Controls

•Configuring and Managing Policy Rules

•Configuring a New Rule

•Including Tcl in Certain Rule Settings

Chapter 12: Securing Application Delivery with LTM

•Understanding Today’s Threat Landscape

•Integrating LTM Into Your Security Strategy

•Defending Your Environment Against SYN Flood Attacks

•Defending Your Environment Against Other Volumetric Attacks

•Addressing Application Vulnerabilities with iRules and Local Traffic Policies

Chapter 13: Final Lab Project

•About the Final Lab Project

•Possible Solution to Lab 13.1

Classroom Training: Bevorzugen Sie die klassische Trainingsmethode? Ein Kurs in einem unserer Training Center, mit einem kompetenten Trainer und dem direkten Austausch zwischen allen Teilnehmern? Dann buchen Sie einen der Classroom Training Termine!
Hybrid Training: Hybrid Training bedeutet, dass zusätzliche Online-Teilnehmer an einem Präsenzkurs teilnehmen können. Die Dynamik eines realen Kurses bleibt erhalten, wovon besonders auch die Online-Teilnehmer profitieren. Als Online-Teilnehmer eines Hybrid-Kurses nutzen Sie eine Collaboration-Plattform wie WebEx Training Center oder Saba Meeting. Dazu wird nur ein PC mit Browser und Internet-Anschluss benötigt, ein Headset und idealerweise eine Webcam. Im Kursraum setzen wir speziell entwickelte und angepasste hochwertige Audio- und Videotechnik ein. Sie sorgt dafür, dass die Kommunikation zwischen allen Beteiligten angenehm und störungsfrei funktioniert.
Online Training: Möchten Sie einen Kurs online besuchen? Zu diesem Kursthema bieten wir Ihnen Online-Kurstermine an. Als Teilnehmer benötigen Sie dazu einen PC mit Internet-Anschluss (mindestens 1 Mbit/s), ein Headset, falls Sie per VoIP arbeiten möchten und optional eine Kamera. Weitere Informationen und technische Empfehlungen finden Sie hier.
Inhouse-Schulung: Benötigen Sie einen maßgeschneiderten Kurs für Ihr Team? Neben unserem Standard-Angebot bieten wir Ihnen an, Kurse speziell nach Ihren Anforderungen zu gestalten. Gerne beraten wir Sie hierzu und erstellen Ihnen ein individuelles Angebot.
Inhouse-Schulung jetzt anfragen >>>

Die gesamte Beschreibung dieses Kurses mit Terminen und Preisen zum Download als PDF.