At the end of this course, the student will be able to:

• Back up the BIG-IP system configuration for safekeeping
• Configure virtual servers, pools, monitors, profiles, and persistence objects
• Test and verify application delivery through the BIG-IP system using local traffic statistics
• Configure priority group activation on a load balancing pool to allow servers to be activated only as needed to process traffic
• Compare and contrast member-based and node-based dynamic load balancing methods
• Configure connection limits to place a threshold on traffic volume to particular pool members and nodes
• Differentiate between cookie, SSL, SIP, universal, and destination address affinity persistence, and describe use cases for each
• Describe the three Match Across Services persistence options and use cases for each
• Configure health monitors to appropriately monitor application delivery through a BIG-IP system
• Configure different types of virtual services to support different types of traffic processing through a BIG-IP system
• Configure different types of SNATs to support routing of traffic through a BIG-IP system
• Configure VLAN tagging and trunking
• Restrict administrative and application traffic through the BIG-IP system using packet filters, port lockdown, and virtual server settings
• Configure SNMP alerts and traps in support of remote monitoring of the BIG-IP system
• Use iRules and local traffic policies appropriately to customize application delivery through the BIG-IP system
• Configure the BIG-IP to detect and mitigate some common attacks at the network and application layers using LTM features such as SYN check, eviction policies, iRules and Local Traffic Policies

Chapter 1: Setting Up the BIG-IP System

• Introducing the BIG-IP System
• Initially Setting Up the BIG-IP System
• Archiving the BIG-IP Configuration
• Leveraging F5 Support Resources and Tools

Chapter 2: Reviewing Local Traffic Configuration

• Reviewing Nodes, Pools, and Virtual Servers
• Reviewing Address Translation
• Reviewing Routing Assumptions
• Reviewing Application Health Monitoring
• Reviewing Traffic Behavior Modification with Profiles
• Reviewing the TMOS Shell (TMSH)
• Reviewing Managing BIG-IP Configuration Data

Chapter 3: Load Balancing Traffic with LTM

• Exploring Load Balancing Options
• Using Priority Group Activation and Fallback Host
• Comparing Member and Node Load Balancing

Chapter 4: Modifying Traffic Behavior with Persistence

• Reviewing Persistence
• Introducing Cookie Persistence
• Specifying Default and Fallback Persistence
• Introducing SSL Persistence
• Introducing SIP Persistence
• Introducing Universal Persistence
• Introducing Destination Address Affinity Persistence
• Using Match Across Options for Persistence

Chapter 5: Monitoring Application Health

• Differentiating Monitor Types
• Customizing the HTTP Monitor
• Monitoring an Alias Address and Port
• Monitoring a Path vs. Monitoring a Device
• Managing Multiple Monitors
• Using Application Check Monitors
• Using Manual Resume and Advanced Monitor Timer Settings

Chapter 6: Processing Traffic with Virtual Servers

• Understanding the Need for Other Virtual Server Types
• Forwarding Traffic with a Virtual Server
• Understanding Virtual Server Order of Precedence
• Path Load Balancing

Chapter 7: Processing Traffic with SNATs

• Overview of SNATs
• Using SNAT Pools
• SNATs as Listeners
• SNAT Specificity
• VIP Bounceback
• Additional SNAT Options
• Network Packet Processing Review

Chapter 8: Modifying Traffic Behavior with Profiles

• Profiles Overview
• TCP Express Optimization
• TCP Profiles Overview
• HTTP Profile Options
• HTTP/2 Profile Options
• OneConnect
• Offloading HTTP Compression to BIG-IP
• Web Acceleration Profile and HTTP Caching
• Stream Profiles
• F5 Acceleration Technologies

Chapter 9: Selected Topics

• VLAN, VLAN Tagging, and Trunking
• Restricting Network Access
• SNMP Features
• Segmenting Network Traffic with Route Domains

Chapter 10: Customizing Application Delivery with iRules

• Getting Started with iRules
• Understanding When iRules are Triggered
• Deploying iRules
• Constructing an iRule
• Testing and Debugging iRules
• Exploring iRules Documentation

Chapter 11: Customizing Application Delivery with Local Traffic Policies

• Getting Started with Local Traffic Policies
• Configuring and Managing Policy Rules

Chapter 12: Securing Application Delivery with LTM

• Understanding Today’s Threat Landscape
• Integrating LTM Into Your Security Strategy
• Defending Your Environment Against SYN Flood Attacks
• Defending Your Environment Against Other Volumetric Attacks
• Addressing Application Vulnerabilities with iRules and Local Traffic Policies
• Detecting and Mitigating Other Common HTTP Threats

Chapter 13: Final Lab Project

• About the Final Lab Project

Chapter 14: Additional Training and Certification

• Getting Started Series Web-Based Training
• F5 Instructor Led Training Curriculum
• F5 Professional Certification Program

This course is intended for system and network administrators responsible for installation, setup, configuration, and administration of the BIG-IP LTM system.

Students must complete one of the following F5 prerequisites before attending this course:

• Administering BIG-IP (ILT)
• F5 Certified BIG-IP Administrator

Suggested Prework

The following free Self-Directed Training (SDT) courses, although optional, are helpful for any student with limited BIG-IP administration and configuration experience:

• Getting Started with BIG-IP
• Getting Started with Local Traffic Manager (LTM)

General network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course, including OSI model encapsulation, routing and switching, Ethernet and ARP, TCP/IP concepts, IP addressing and subnetting, NAT and private IP addressing, NAT and private IP addressing, default gateway, network firewalls, and LAN vs. WAN.

The following course-specific knowledge and experience is suggested before attending this course:

• Web application delivery
• HTTP, HTTPS, FTP, and SSH protocols
• TLS/SSL