Instructor: Paul Simmons• Company: F5 Networks• Job Title: Sales Engineer, US Navy and USMC• Industry Experience: 22 years• Network Experience: 12 years• F5 Product Exposure: 7 years• F5 Certified Administrator & more…

• https://www.linkedin.com/in/paul-simmons-1547456/• @F4plusplus

Instructor: Jimmy Jennings• Company: F5 Networks• Job Title: Systems Engineer, US Navy and USMC• Industry Experience: 21 years• Network Experience: 21 years• F5 Product Exposure: 14 years• F5 Certified Administrator & more…

Day 111:00 - 11:20 Introductions11:20 - 11:30 Test Registration11:30 - 12:00 OSI Layers 1-412:00 - 1:00 Lunch1:00 - 3:00 OSI Layers Cont.3:00 - 3:15 Break3:15 - 4:30 F5 Solutions and Technology Overview

Day 28:30 - 9:30 Load Balancing Essentials9:30 - 10:30 Security10:30 - 10:45 Break10:45 - 11:15 Application Delivery Platforms11:15 - 11:45 What is Next – 200 Level Exam

• Certification.f5.com

• Click “Register for an Account >>”

• Agree to the terms

• Fill out the form information

• Receive email with F5 ID

• Receive email with Pearson Vue ID

• Follow email instructions

• Register for exam

• TMOS 12.1

• Multiple Choice

• Not Adaptive

• 70 questions in 90 mins

• No command line engines

• View whole exhibit before you close them

• Manage Your Time

• The pass rates for 2014(average): Overall - 69.7%, 101 - 74.2%,

•• http://www.f5.com/pdf/certification/exams/Certification_Study_Guide_101.pdf• https://www.f5.com/pdf/certification/exams/Certification_Study_Guide_201_v2.pdf

• https://university.f5.com

•• https://portal-v5.examstudio.com/default.aspx?ReturnUrl=%2f%3fid%3d20882&id=20882

• https://devcentral.f5.com

• https://ihealth.f5.com

•• https://www.linkedin.com/groups/85832• https://www.linkedin.com/groups/6711359/profile• https://www.linkedin.com/groups/6709915/profile

*http://certmag.com/salary-survey-2018-new-salary-survey-75/

Objective 1.01

• Describe the function of each OSI layer

• Differentiate between the OSI layers

• Describe the purpose of the various address types at different OSI layers

Explain, compare, and contrast the OSI layers

• Explain the purpose and functionality of MAC addresses

Explain protocols and technologies specific to the data link layer

en0: flags=8963<UP,BROADCAST,SMART,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1500ether 28:cf:e9:1b:ae:91 inet6 fe80::2acf:e9ff:fe1b:ae91%en0 prefixlen 64 scopeid 0x4 inet 192.168.69.109 netmask 0xffffff00 broadcast 192.168.69.255nd6 options=1<PERFORMNUD>media: autoselectstatus: active

28:cf:e9:1b:ae:91 28cf.e91b.ae91

28-cf-e9-1b-ae-91

• Explain the purpose of a switch’s forwarding database

Explain protocols and technologies specific to the data link layer

• Explain the purpose and functionality of ARP• Address Resolution Protocol (ARP) is a telecommunications protocol

used for resolution of network layer addresses into link layer addresses, a critical function in multiple-access networks.

Explain protocols and technologies specific to the data link layer

arp who-has 10.128.10.6 tell 10.128.10.68arp reply 10.128.10.6 is-at 02:07:01:00:01:c4

FF:FF:FF:FF:FF:FF = Broadcast

Local Cached ARP Table

Windows: arp –a Mac: Siri show me my ARP table

• Explain the purpose and functionality of a broadcast domain

Explain protocols and technologies specific to the data link layer

• Explain the purpose and functionality of IP addressing and subnetting

• Given an IP address and net mask, determine the network IP and the broadcast IP

Explain protocols and apply technologies specific to the network layer

Type Network Subnet Broadcast Hosts IPs/24 10.1.1.0 255.255.255.0 10.1.1.255 254 256

/25 10.1.1.0 255.255.255.128 10.1.1.127 126 128

/25 10.1.1.128 255.255.255.128 10.1.1.255 126 128

/26 10.1.1.0 255.255.255.192 10.1.1.63 62 64

/26 10.1.1.64 255.255.255.192 10.1.1.127 62 64

/26 10.1.1.128 255.255.255.192 10.1.1.191 62 64

/26 10.1.1.192 255.255.255.192 10.1.1.255 62 64

• Given a routing table and a destination IP address, identify which routing table entry the destination IP address will match

Explain protocols and apply technologies specific to the network layer

• Explain the purpose and functionality of Routing protocols

• Dynamic Protocols: • RIP (Routing Information Protocol)• IGRP (Interior Gateway Routing Protocol)• EIGRP (Enhanced Interior Gateway Routing Protocol)• OSPF (Open Shortest Path First)• IS-IS (Intermediate System-to-Intermediate System)• BGP (Border Gateway Protocol

Explain protocols and apply technologies specific to the network layer

• Explain the purpose of fragmentation

• Given a fragment, identify what information is needed for reassembly

• Explain the purpose of TTL functionality

• Given a packet traversing a topology, document the source/destination IP address/MAC address changes at each hop

Explain protocols and apply technologies specific to the network layer

• Given a packet traversing a topology, document the source/destination IP address/MAC address changes at each hop

Explain protocols and apply technologies specific to the network layer

Src MAC = Host ADest MAC = DGW Router ASrc IP = Host ADest IP = Host B

Src MAC = Router ADest MAC = Router BSrc IP = Host ADest IP = Host B

Src MAC = Router BDest MAC = Router CSrc IP = Host ADest IP = Host B

Src MAC = Router CDest MAC = Host BSrc IP = Host ADest IP = Host B

• Compare/Contrast purpose and functionality of MTU and MSS

• Explain the purpose and functionality of TCP

• Explain the purpose and functionality of UDP

• Explain the purpose and functionality of ports in general

• Explain how retransmissions occur

• Explain the purpose and process of a reset

Explain the features and functionality of protocols and technologies specific to the transport layer

A maximum transmission unit (MTU) is the largest size packet or frame, specified in octets (eight-bit bytes), that can be sent in a packet- or frame-based network

The maximum segment size (MSS) is a parameter of the TCP protocol that specifies the largest amount of data, specified in octets, that a computer or communications device can receive in a single TCP segment.

"Hi, I'd like to hear a TCP joke.""Hello, would you like to hear a TCP joke?""Yes, I'd like to hear a TCP joke.""OK, I'll tell you a TCP joke.""Ok, I will hear a TCP joke.""Are you ready to hear a TCP joke?""Yes, I am ready to hear a TCP joke.""Ok, I am about to send the TCP joke. It will last 10 seconds, it has two characters, it does not have a setting, it ends with a punchline.""Ok, I am ready to get your TCP joke that will last 10 seconds, has two characters, does not have an explicit setting, and ends with a punchline.""I'm sorry, your connection has timed out. Hello, would you like to hear a TCP joke?"

• Describe various TCP options - (i.e. MSS, SACK permitted, Timestamps, etc)

• Describe a TCP checksum error – (i.e 96-bit TCP pseudo header)

• Describe how TCP addresses error correction – (Sequence numbers, error detection and retransmits)

• Describe how the flow control process occurs

Explain the features and functionality of protocols and technologies specific to the transport layer

TCP uses an end-to-end flow control protocol to avoid having the sender send data too fast for the TCP receiver to receive and process it reliably. TCP uses a sliding window flow control protocol. In each TCP segment, the receiver specifies in the receive window field the amount of additionally received data (in bytes) that it is willing to buffer for the connection. The sending host can send only up to that amount of data before it must wait for an acknowledgment and window update from the receiving host.

• Explain the purpose and functionality of HTTP

• Differentiate between HTTP versions

• Interpret HTTP status codes

• Determine an HTTP request method for a given use case

Explain the features and functionality of protocols and technologies specific to the application layer

HTTP functions as a request-response protocol in the client-server computing model.In HTTP/1.0 a separate connection to the same server is made for every resource request. HTTP/1.1 can reuse a connection multiple times to download images, scripts, stylesheets et cetera after the page has been delivered.

1xx Informational2xx Success3xx Redirection4xx Client Error5xx Server Error6xx See also7xx References8xx External links

• Explain the purpose and functionality of HTTP keepalives, HTTP headers, DNS, SIP, FTP

• Differentiate between passive and active FTP

• Explain the purpose and functionality of SMTP

• Explain the purpose and functionality of a cookie

• Given a situation in which a client connects to a remote host, explain how the name resolution process occurs

Explain the features and functionality of protocols and technologies specific to the application layer

Active mode FTPFTP server's port 21 from anywhere (Client initiates connection)FTP server's port 21 to ports > 1023 (Server responds to client's control port)FTP server's port 20 to ports > 1023 (Server initiates data connection to client's data port)FTP server's port 20 from ports > 1023 (Client sends ACKs to server's data port)

• Explain the purpose and functionality of HTTP keepalives, HTTP headers, DNS, SIP, FTP

• Differentiate between passive and active FTP

• Explain the purpose and functionality of SMTP

• Explain the purpose and functionality of a cookie

• Given a situation in which a client connects to a remote host, explain how the name resolution process occurs

• Explain the purpose and functionality of a URL

Explain the features and functionality of protocols and technologies specific to the application layer

http://www.host.com/path/to/content/content.html

Network

Session

Application

Web application

Physical

Client / Server

L4 Firewall: Full stateful policy enforcement and TCP DDoS mitigation

SSL inspection and SSL DDoS mitigation

HTTP proxy, HTTP DDoS and application security

Application health monitoring and performance anomaly detection

Network

Session

Application

Web application

Physical

Client / Server

InternetEnterprise

iAppsiControliRulesiCall

Programmability

F5 TMOS

LocalTraffic

Manager(LTM)

Advanced Firewall

Manager(AFM)

ApplicationSecurityManager

(ASM)

AccessPolicy

Manager(APM)

Secure Web

Gateway(SWG)

Anti-fraud(WebSafe)

BIG-IP DNSa.k.a(GTM)

Advanced WAF

DDOS Hybrid

Defender (DHD)

SSLOrchestrator

(SSLO)

••••

Articulate the role of F5 products

Additional Learning: AFM, BIG-IQ, SWG, WebSafe, Silverline, *Enterprise Manager, *AAM

BIG-IP LTM Physical

Virtual

Public or private cloud

Fast• TCP Optimization• Server Offload

• SSL Encryption• Compression• RAM Cache• OneConnect

• Bandwidth Allocation

Available• Load balancing• Health monitoring• Server persistence

Secure• DDoS Protection• TCP Proxy• Application Proxy• SSL Encryption• Resource Cloaking

Articulate the role of Local Traffic Manager (LTM)

Router

L-DNS

BIG-IP GTM

BIG-IP LTM

App Servers

Data Center 1

Client

Router

BIG-IP LTM

Data Center 2

BIG-IP GTM

App Servers

Articulate the role of Global Traffic Manager (GTM)

Protect against DNS Denial of Service• High-speed response and

DDoS protection with in-memory DNS

• Authoritative DNS serving out of RAM

• Respond to 125K QPS per CPU core

ManageDNS

Records

NIC

OSAdminAuthRoles

DynamicDNS

DHCP

AnswerDNS

Query

AnswerDNS

Query

AnswerDNS

Query

AnswerDNS

Query

AnswerDNS

Query

DNS Express in TMOS

DNS Server

Articulate the role of Global Traffic Manager (GTM)

• Features

AFMVirtual Edition

BIG-IP Advanced Firewall ManagerBIG-IP Local Traffic Manager

BIG-IP Advanced Firewall ManagerBIG-IP Local Traffic Manager

*Objective 2.01* Advanced Firewall ManagerArticulate the role of BIG-IP Advanced Firewall Manager (AFM)

• Protection from DoS/DDoS attacks and web application security risks• Enforce positive and/or negative security policies, protocol compliance• DataGuard data-scrubbing/DLP/compliance• Vulnerability assessment service integration• IP Intelligence malicious client classification and blocking• Application logging and reporting

Content scrubbing,application cloaking

Request made BIG-IP ASM security policy checked Server response

BIG-IP ASM applies security policy Vulnerable applicationSecure response delivered

•Articulate the role of Application Security Manager (ASM)

• Centralized access policy enforcement

• Single Sign-On (SSO) user authentication

• L3-7 access controls• Robust client device support• Advanced client endpoint

security• Visual Policy Editor

Articulate the role of Access Policy Manager (APM)

Articulate the role of Access Policy Manager (APM)

• Webtop unites internal and external application resources across your Enterprise

• Provides seamless presentation and access to Windows, Web, SaaS, Mobile Applications and data

• WebTop helps organizations with RDP, VMware and Citrix consolidate on a single platform

Articulate the role of Access Policy Manager (APM)

•

•

Articulate the role of Access Policy Manager (APM)

Articulate the role of Access Policy Manager (APM)

*Objective 2.01* F5 WebSafe

Organization’s DMZ

Web Application

On-Premise

Internet

Online Users

F5 SOCAlerts

In the Cloud

WebSafe on BIG-IP

AlertsHosted in

DMZ (no data

visible to F5.com)

Internet

• Only 100% transparent solution combining detection and protection capabilities• Secures your site without application modifications or changes to the user experience.• Detects and safeguards against sophisticated online fraud -- web injection, credential &

form grabbers, MITM, MITB, etc.• Identifies phishing attacks before they are launched• Monitors the latest and most sophisticated attacks that may potentially impact your

business.

Articulate the role of F5 WebSafe - Anti-fraud, Anti-malware and Anti-phishing

• Only web gateway to secure against inbound andoutbound threats

• First one-stop shop for all access policy, inbound and outbound – context-aware

• Ensures regulatory and organizational compliance

• Superior scale and performance

• Lowest TCO and quickestROI

• Subscription service on top of APM

*Objective 2.01* Secure Web GatewayArticulate the role of BIG-IP Secure Web Gateway Services (SWG) for APM

Public CloudHybrid Cloud

BIG -IQ

*Objective 2.01* BIG-IQ

BIG-IP

BIG-IP

Data Center

Articulate the role of BIG-IQ

*Objective 2.01* F5 Silverline DDoS ProtectionKeep your business online during volumetric DDoSattacks

24/7 access to Security Operations Center DDoSexperts

Protect against the largest of DDoS attacks

Multi-layered, comprehensive L3-L7 protection

Gain real-time attack mitigation insights

Cloud-Scrubbing Service

LegitimateUsers

DDoS Attackers

F5 SilverlineDDoS

Protection

Volumetric attacks and floods, operations

center experts, L3-7 known signature attacks

Customer

Attack mitigation bandwidth capacity over 2.0 Tbps,

scrubbing capacity over 1.0 Tbps

Articulate the role of F5 Silverline DDoS Protection

•••

Explain the purpose, use, and advantages of iRules

when LB_SELECTED { if {[IP::addr "[IP::client_addr]/24" equals "[LB::server addr]/24"]} {

snat automap} else {

snat none }

}

•••

Explain the purpose, use, and advantages of iApps

https://tinyurl.com/F5Files

*Objective 2.03*

•••

Explain the purpose, use, and advantages of iControl

iControl is F5’s API that allows for programmatic configure the BIG-IP. This API is based on SOAP/XML.

iControlREST is F5’s API that allows for programmatic configure the BIG-IP. This API is based on REST.

*Objective 2.03*

•••

Explain the purpose, use, and advantages of iCall

iCall is a Tcl-based scripting framework that lets you use Traffic Management Shell (tmsh) commands to manage the configuration of a running F5 device.

Three Components to iCall: Events, handler, Script

*Objective 2.03*

•••

Explain the purpose, use, and advantages of iHealth

https://iHealth.f5.com

••

Explain the purpose of and use cases for full proxy and packet forwarding/packet based architectures

Internet

Syn, Syn-Ack, Ack

Client Data

Syn, Syn-Ack, Ack

Server Response

Separate Client and Server connections

••

172.20.10.1 172.20.10.2 172.20.10.3 172.20.10.4

172.20.10.1 172.20.10.2 172.20.10.3 172.20.10.4172.20.10.1:80 172.20.10.2:80

172.20.10.2:443172.20.10.3:80172.20.10.3:443 172.20.10.4:443

172.20.10.1 172.20.10.2 172.20.10.3 172.20.10.4172.20.10.1:80 172.20.10.2:80

172.20.10.2:443172.20.10.3:8080172.20.10.3:443 172.20.10.4:443

172.20.10.1 172.20.10.2 172.20.10.3 172.20.10.4172.20.10.1:80 172.20.10.2:80

172.20.10.2:443172.20.10.3:8080172.20.10.3:443 172.20.10.4:443

10.2.2.100:80 10.2.2.100:443

NOTE: BIG-IP LTM is a default deny device; the virtual server is the most

common way allow client requests to pass through

10.2.2.225:8080

•

Explain the advantages and configurations of high availability (HA)

Internet

Clients

Servers

Device Service Cluster

ActiveTraffic-Group-1

StandbyTraffic-Group-1

•

Explain the advantages and configurations of high availability (HA)

Internet

Clients

Servers

Device Service Cluster

ActiveTraffic-Group-1

StandbyTraffic-Group-1

ActiveTraffic-Group-2

StandbyTraffic-Group-2

•

Explain the advantages and configurations of high availability (HA)

Internet

Clients

Servers

Device Service Cluster

ActiveTraffic-Group-1

StandbyTraffic-Group-1

*Objective 2.01* - Application Acceleration Manager

Application Optimization

Transport Optimization

Data Center Optimization

Application Optimization+ Transport Optimization

+ Data Center Optimization

BIG-IP Platform

Users

Articulate the role of BIG-IP Application Acceleration Manager (AAM)

• Explain the purpose of distribution of load across multiple servers

Discuss the purpose of, use cases for, and key considerations related to load balancing

Internet

Virtual Server216.34.94.17:80

Pool Members

Maps to

• Given an environment, determine the appropriate load balancing algorithm that achieves a desired result

Discuss the purpose of, use cases for, and key considerations related to load balancing

Static

Dynamic

Round RobinRatio

Least ConnectionsFastestLeast SessionsWeighted Least ConnectionsObservedPredictiveDynamic Ratio

• Given an environment, determine the appropriate load balancing algorithm that achieves a desired result

• Explain the concept of persistence

Discuss the purpose of, use cases for, and key considerations related to load balancing

• Given a scenario, identify the client/server

• Explain the role of a client

• Explain the role of a server

Differentiate between a client and server

Internet

Clients

Servers

BIG-IP LTMs

• Describe the concept of a positive security model

• Describe the concept of a negative security model

• Given a list of scenarios, identify which is a positive security model

• Given a list of scenarios, identify which is a negative security model

• Describe the benefits of a positive security model

• Describe the benefits of a negative security model

Compare and contrast positive and negative security models

A "positive" security model (also known as "whitelist") is one that defines what is allowed, and rejects everything else.A "negative" (or "blacklist") security model, which defines what is disallowed, while implicitly allowing everything else.

• Describe the purpose of signing

• Describe the purpose of encryption

• Describe the purpose of certificates and the certificate chains

• Distinguish between private/public keys

• Compare and contrast symmetric/asymmetric encryption – one key vstwo keys

Explain the purpose of cryptographic services

• Explain the purpose of authentication

• Explain the advantages of single sign on

• Explain the concepts of multifactor authentication

• Describe the role authentication plays in AAA

Describe the purpose and advantages of authentication

• Explain the purpose, advantages, and challenges associated with IPsec

• Explain the purpose, advantages, and challenges associated with SSL VPN

• Given a list of environments/situations, determine which is appropriate for an IPsec solution

• Given a list of environments/situations, determine which is appropriate for an SSL VPN solution

Describe the purpose, advantages, and use cases of IPsec and SSL VPN

• Explain when a hardware based application deliver platform solution is appropriate

• Explain when a virtual machine solution is appropriate

• Explain the purpose, advantages, and challenges associated with hardware based application deliver platform solutions

• Explain the purpose, advantages, and challenges associated with virtual machines

• Given a list of environments/situations, determine which is appropriate for a hardware based application deliver platform solution

• Given a list of environments/situations, determine which is appropriate for a virtual machine solution

• Explain the advantages of dedicated hardware (SSL card, compression card)

Describe the purpose, advantages, use cases, and challenges associated with hardware based application delivery platforms and virtual machines

• Describe the purpose of TCP optimization

• Describe the purpose of HTTP keepalives, caching, compression, and pipelining

Describe the purpose of the various types of advanced acceleration U/A techniques

• Log onto certification.f5.com

• Look in your menu for History

• If you are qualified for the 200 level exam you can register for them on Pearson Vue

• Download the 201 Study Guide and vLab

• Attend the 201 Boot Camp or watch the new CBT

• Download the 201 Study Guide• Study the guide and work in the vLab environment• Attend the 201 Boot Camp or watch the 201 CBT• Register for the 201 to set a deadline for yourself

If I can be of further assistance please contact me:e.mitchell@f5.com | 1-813-404-1628