F5 Networks – Configuring BIG-IP AFM: Advanced Firewall Manager

Course Duration

2 Days

Audience

Employees of federal, state and local governments; and businesses working with the government.

Prerequisites

Completion of F5 Networks – Administering BIG-IP or equivalent BIG-IP experience is required.

Course Description

This course provides hands-on training in configuring F5 BIG-IP Advanced Firewall Manager (AFM). Students learn to navigate the AFM interface, build network firewall policies, and configure protection against Denial of Service (DoS) attacks — using a combination of lectures and lab exercises to develop practical skills.

Learning Objectives

• Navigate the AFM interface and understand its role within the BIG-IP security ecosystem
• Build and apply network firewall policies using rules, rule lists, address lists, port lists, and schedules
• Configure firewall contexts and modes and understand packet processing order
• Identify and resolve redundant, conflicting, and stale firewall rules
• Configure protection against Denial of Service attacks using AFM DoS profiles
• Use geolocation to identify and filter traffic by region

Course Outline

• Introducing the BIG-IP System
• Initially Setting Up the BIG-IP System
• Archiving the BIG-IP System Configuration
• Leveraging F5 Support Resources and Tools
• AFM Overview
• AFM Availability
• AFM and the BIG-IP Security Menu
• Explaining F5 Terminology
• Network Firewall
• Contexts
• Modes
• Packet Processing
• Rules and Direction
• Rules Contexts and Processing
• Inline Rule Editor
• Configuring Network Firewall
• Network Firewall Rules and Policies
• Network Firewall Rule Creation
• Identifying Traffic by Region with Geolocation
• Identifying Redundant and Conflicting Rules
• Identifying Stale Rules
• Prebuilding Firewall Rules with Lists and Schedules
• Rule Lists
• Address Lists
• Port Lists
• Schedules
• Network Firewall Policies
• Policy Status and Management
• Other Rule Actions
• Redirecting Traffic with Send to Virtual