This 3-day course gives network professionals a functional understanding of BIG-IP Local Traffic Manager, introducing students to both commonly used and advanced BIG-IP LTM features and functionality.

Incorporating lecture, extensive hands-on labs, and classroom discussion, the course helps students build the well-rounded skill set needed to manage BIG-IP LTM systems as part of a flexible and high performance application delivery network.

Course Topics

• BIG-IP initial setup (licensing, provisioning, and network configuration)
• A review of BIG-IP local traffic configuration objects
• Using dynamic load balancing methods
• Modifying traffic behavior with persistence (including SSL, SIP, universal, and destination address affinity persistence)
• Monitoring application health with Layer 3, Layer 4, and Layer 7 monitors (including transparent, scripted, and external monitors)
• Processing traffic with virtual servers (including network, forwarding, and reject virtual servers)
• Processing traffic with SNATs (including SNAT pools and SNATs as listeners)
• Modifying traffic behavior with profiles (including TCP profiles, advanced HTTP profile options, caching, compression, and OneConnect profiles)
• Advanced BIG-IP LTM configuration options (including VLAN tagging and trunking, SNMP features, packet filters, and route domains)
• Customizing application delivery with iRules and local traffic policies
• Securing application delivery using BIG-IP LTM

• Back up the BIG-IP system configuration for safekeeping
• Configure virtual servers, pools, monitors, profiles, and persistence objects
• Test and verify application delivery through the BIG-IP system using local traffic statistics
• Configure priority group activation on a load balancing pool to allow servers to be activated only as needed to process traffic
• Compare and contrast member-based and node-based dynamic load balancing methods
• Configure connection limits to place a threshold on traffic volume to particular pool members and nodes
• Differentiate between cookie, SSL, SIP, universal, and destination address affinity persistence, and describe use cases for each
• Describe the three Match Across Services persistence options and use cases for each
• Configure health monitors to appropriately monitor application delivery through a BIG-IP system
• Configure different types of virtual services to support different types of traffic processing through a BIG-IP system
• Configure different types of SNATs to support routing of traffic through a BIG-IP system
• Configure VLAN tagging and trunking
• Restrict administrative and application traffic through the BIG-IP system using packet filters, port lockdown, and virtual server settings
• Configure SNMP alerts and traps in support of remote monitoring of the BIG-IP system
• Use iRules and local traffic policies appropriately to customize application delivery through the BIG-IP system
• Configure the BIG-IP to detect and mitigate some common attacks at the network and application layers using LTM features such as SYN check, eviction policies, iRules and Local Traffic Policies

Chapter 1: Setting Up the BIG-IP System

• Introducing the BIG-IP System
• Initially Setting Up the BIG-IP System
• Archiving the BIG-IP Configuration
• Leveraging F5 Support Resources and Tools

Chapter 2: Reviewing Local Traffic Configuration

• Reviewing Nodes, Pools, and Virtual Servers
• Reviewing Address Translation
• Reviewing Routing Assumptions
• Reviewing Application Health Monitoring
• Reviewing Traffic Behavior Modification with Profiles
• Reviewing the TMOS Shell (TMSH)
• Reviewing Managing BIG-IP Configuration Data

Chapter 3: Load Balancing Traffic with LTM

• Exploring Load Balancing Options
• Using Priority Group Activation and Fallback Host
• Comparing Member and Node Load Balancing

Chapter 4: Modifying Traffic Behavior with Persistence

• Reviewing Persistence
• Introducing Cookie Persistence
• Specifying Default and Fallback Persistence
• Introducing SSL Persistence
• Introducing SIP Persistence
• Introducing Universal Persistence
• Introducing Destination Address Affinity Persistence
• Using Match Across Options for Persistence

Chapter 5: Monitoring Application Health

• Differentiating Monitor Types
• Customizing the HTTP Monitor
• Monitoring an Alias Address and Port
• Monitoring a Path vs. Monitoring a Device
• Managing Multiple Monitors
• Using Application Check Monitors
• Using Manual Resume and Advanced Monitor Timer Settings

Chapter 6: Processing Traffic with Virtual Servers

• Understanding the Need for Other Virtual Server Types
• Forwarding Traffic with a Virtual Server
• Understanding Virtual Server Order of Precedence
• Path Load Balancing

Chapter 7: Processing Traffic with SNATs

• Overview of SNATs
• Using SNAT Pools
• SNATs as Listeners
• SNAT Specificity
• VIP Bounceback
• Additional SNAT Options
• Network Packet Processing Review

Chapter 8: Modifying Traffic Behavior with Profiles

• Profiles Overview
• TCP Express Optimization
• TCP Profiles Overview
• HTTP Profile Options
• HTTP/2 Profile Options
• OneConnect
• Offloading HTTP Compression to BIG-IP
• Web Acceleration Profile and HTTP Caching
• Stream Profiles
• F5 Acceleration Technologies

Chapter 9: Selected Topics

• VLAN, VLAN Tagging, and Trunking
• Restricting Network Access
• SNMP Features
• Segmenting Network Traffic with Route Domains

Chapter 10: Customizing Application Delivery with iRules

• Getting Started with iRules
• Understanding When iRules are Triggered
• Deploying iRules
• Constructing an iRule
• Testing and Debugging iRules
• Exploring iRules Documentation

Chapter 11: Customizing Application Delivery with Local Traffic Policies

• Getting Started with Local Traffic Policies
• Configuring and Managing Policy Rules

Chapter 12: Securing Application Delivery with LTM

• Understanding Today’s Threat Landscape
• Integrating LTM Into Your Security Strategy
• Defending Your Environment Against SYN Flood Attacks
• Defending Your Environment Against Other Volumetric Attacks
• Addressing Application Vulnerabilities with iRules and Local Traffic Policies
• Detecting and Mitigating Other Common HTTP Threats

Chapter 13: Final Lab Project

• About the Final Lab Project

Chapter 14: Additional Training and Certification

• Getting Started Series Web-Based Training
• F5 Instructor Led Training Curriculum
• F5 Professional Certification Program

This course is intended for system and network administrators responsible for installation, setup, configuration, and administration of the BIG-IP LTM system.

Students are required to complete one of the following F5 prerequisites before attending this course:

• Administering BIG-IP instructor-led course

-or-

• F5 Certified BIG-IP Administrator

The following free web-based training courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience.

• Getting Started with BIG-IP web-based training
• Getting Started with Local Traffic Manager (LTM) web-based training

The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:

• OSI model encapsulation
• Routing and switching
• Ethernet and ARP
• TCP/IP concepts
• IP addressing and subnetting
• NAT and private IP addressing
• Default gateway
• Network firewalls
• LAN vs. WAN

The following course-specific knowledge and experience is suggested before attending this course:

• Web application delivery
• HTTP, HTTPS, FTP and SSH protocols
• TLS/SSL