Training

Introduction

Welcome to the F5 Technical Accreditation. This curriculum was developed for F5 employees and partners to provide the necessary knowledge and skills to engage in technical conversations with customers about their application delivery needs and show how F5 can seamlessly integrate into their existing environments.F5 offers a powerful and flexible suite of products that helps organizations create an agile IT infrastructure that aligns with the demands of their business. This curriculum will not cover every integration option in the F5 portfolio. Instead, the intent is to show the challenges that businesses face and illustrate how F5 solutions can be deployed to help system administrators gain strategic points of control wherever information is exchanged.At various points in the curriculum there will be an opportunity to take exams on one or more of the completed modules. After passing all of the exams, learners will receive a certificate showing successful completion of the Technical portion of the F5 Sales Accreditation. Click Next to continue.

This program includes 12 e-learning modules and will take approximately 9 hours to complete. By the end of the training, you will have a good foundation of knowledge about the F5 products and platforms.This first module provides an overview of the topics discussed in the rest of the training. Because the F5 solution is an integrated system, it is important that you have a broad understanding of the F5 strategy and product portfolio before drilling deeper into individual components. Before we get started, click on the Course Navigation button to learn how to move through this course.Course Navigation

long the bottom of the screen there are several navigation buttons. You will need to click the Next button to move to the next slide, and click the Back button to move to the previous slide.

The Course Map displays an overview of the course and the CC button, which stands for Closed Captioning, allows you to follow along with the courses narration if needed. The Audio On and Audio Off button turns the audio portion of the course on and off. The Resources button will display a list of printable job aids and or allow you to access additional information. Longer training modules include a Main Menu button which lets you navigate between lessons in the module.

Finally, a Progress Bar is located at the bottom of the slide. As the slide plays, the slider will move across the screen to track your progress.

Rollover the highlighted areas to review this information again.

Once you are ready to continue, click the Next button.

The F5 design philosophy is unique and its based on this reasoning:

"The only reason the network exists is to support the applications running on top of it and ensure that they are successfully delivered in an operationally efficient manner."

F5 application delivery solutions balance traffic and offload compute-intensive functions, screen traffic for security threats, and speed the flow of traffic to improve the performance, availability, and security of applications.

"What good is security if the applications youre protecting are down or simply unavailable because theyre too slow? And what good is a highly optimized and available business critical application if it is not secured?"F5 provides an application infrastructure that is adaptable and cost effective; moving from disparate systems and architectures to an integrated application fluent architecture; from manual tasks to automation; and from implementing functions directly in the applications themselves to offloading these functions to a centralized network resource for better efficiency. F5 provides strategic points of control throughout the IT infrastructure, enabling organizations to scale, adapt, and align with changing business demands.

TMOS

The second module in this training explores TMOS: the shared product platform that is the foundation for F5 products.

TMOS allows for full proxy, intelligent control of a network -- which ensures applications are delivered exactly as intended and protected from security threats, traffic congestion, and network failures. The adaptability provided by this centralized infrastructure lets F5 devices automatically adjust to network conditions and business policies, giving administrators a previously unattainable level of control. At the same time, TMOS accommodates changes in network demands and expedites easy adoption of evolving application requirements -- including new software modules for emerging technologies such as XML and voice over IP.

TMOS allows network professionals to use F5 iRules to gain extremely granular control over any traffic going through F5 devices. F5 iRules is an event-driven scripting language that customizes how application traffic is intercepted, inspected, transformed, and directed.

F5 iControl is an open API that helps automate communication with applications and eliminates the need for costly manual intervention. Applications or external management systems can instruct F5 TMOS-based devices to control traffic flow and maximize performance using iControl. This allows for easy integration and data center automation by connecting the data center ecosystem to the traffic and application control point.

It is important to keep in mind that TMOS is not a product; it is a universal, shared product platform that adds intelligence and complete control to application delivery. TMOS is a unique differentiator for F5 in the marketplace. No single competing technology can solve such a wide variety of IP-based application-delivery problems over a network.

GTM

The next training modules in the accreditation program cover the F5 core application delivery controllers: BIG-IP Local Traffic Manager (or LTM), and Global Traffic Manager (or GTM).

These products address the first two issues for application delivery application delivery within a single data center and application delivery within multiple data centers.

In the past, vendors could solve this for customers by selling a simple load balancer. Spread the traffic among several servers and its done. But as applications get more complex, the methods used for load balancing have to keep up. Administrators cant just evenly spread the traffic around; in order to distribute the traffic appropriately while maintaining security, the load balancer needs to actually understand the application, including concepts such as the user session state, the user context, and the movement of workload.

LTM provides the advanced features needed to provide intelligent load balancing and traffic management as well as advanced application security, acceleration, and optimization.

BIG-IP Global Traffic ManagerMost enterprises have multiple data centers and administrators can no longer use simple active-standby data center determinations. Instead, they need a system that will ensure scalability and security of the DNS infrastructure.

BIG-IP Global Traffic Manager (GTM) provides a more intelligent way to respond to DNS queries than simple load balancing among multiple data centers. BIG IP GTM distributes end-user application requests based on business policies, data center conditions, network conditions, user location, and application performance. This gives system administrators holistic control of global traffic to ensure high availability and maximum performance for applications running across multiple dispersed data centers. The result is better application performance, less downtime, and simplified management.

EnhanceApplication Security and Acceleration

While LTM and GTM provide availability, security, and acceleration, F5 provides additional modules that enhance application security and acceleration.

The first security module covered in this training is BIG-IP Application Security Manager (or ASM).

A common misunderstanding among IT professionals is that firewalls alone have the intelligence to provide effective application security they dont. Enterprises require a web application firewall (or WAF), like BIG-IP ASM, to provide a full view of application-level content.

ASM delivers comprehensive protection for web applications. In addition, ASM offers out of the box security, helping organizations quickly pass a security audit without requiring changes to the application code. PCI compliance reports provide an executive summary of requirements and recommendations for bringing an application environment into compliance.

To keep customers informed on the latest web threats as they grow in number and complexity, BIG-IP ASM includes a complete attack expert system with on-the-spot attack details, staging of new policies for testing, and quick administrator notification. This advanced application-layer gateway stops hackers and attacks while ensuring that legitimate users can access applications.

BIG-IP Access Policy Manager (or APM) is a flexible, high-performance network access and security alternative that can effectively enforce Web access management policies.APM verifies user identity to provide secure, context-aware access to web applications and networks while simplifying authentication and authorization, by centralizing AAA enforcement on the network.With access polices, APM gives security administrators granular control of users web and network access. The advanced Visual Policy Editor makes it easy for administrators to create individual and group access policies for many different identities, giving the administrator insight into the approved services users are accessing.

The next modules in the F5 Technical Accreditation training series cover the F5 acceleration portfolio.BIG-IP Web Accelerator is an advanced Web application delivery solution that provides a series of technologies that overcome performance issues involving browsers, Web application platforms, content distribution, and WAN latency. WebAccelerator improves end user experience and reduces infrastructure costs by decreasing page download times, offloading caching and compression from servers, and optimizing bandwidth usage.WebAccelerator uses HTTP optimizations, advanced caching, and compression techniques to improve web application performance. The solution simplifies deployment and configuration by incorporating pre-configured, validated acceleration policies for typical applications.

BIG-IP WAN Optimization ModuleIncreasing amounts of data are being transferred between data centers, driven by data replication and backup, storage requirements, and data center consolidation. The trend toward virtualization and cloud computing helps reduce IT costs and provide agility, but it also adds latency to application delivery. In addition, as enterprises move toward commodity bandwidth solutions, such as MPLS, Metro Ethernet and Internet VPN, packet loss and out of order packets can make application and service delivery unreliable.

F5 reduces the replication time and overcomes latency issues between data centers with WAN Optimization, which optimizes and accelerates data over the WAN, ensuring that application availability, data replication, and disaster recovery requirements are met while still letting IT departments take advantage of the reduced infrastructure costs of virtualization. By correcting loss, F5 WAN Optimization lets enterprises deploy applications and services that are consistent and reliable.

These services are integrated directly on the F5 BIG IP device and include superior compression, encryption, and traffic control capabilities that dramatically reduce data replication times and enable more efficient use of existing bandwidth. With F5 WAN optimization services, customers can replicate and backup critical data across the WAN up to 95 times faster than without optimization.

BIG-IP Edge Gateway.

Edge Gateway is an advanced remote access solution that provides secure, accelerated user access to applications. The dynamic, flexible policy engine enables administrators to enforce access policies, and provide optimization and acceleration to ensure fast, secure SSL VPN access for remote users. Context-aware, policy controlled access mean that users receive the appropriate level of access based on their role, device, and network.

An optional endpoint security service validates devices and enforces policies to protect the enterprise from virus or malware infections, accidental data loss, and rogue device access.

FirePass SSL VPN is an additional F5 security solution; however, it is not included in this training curriculum. FirePass, which is available as an appliance or in a Virtual Edition, grants access to corporate applications using web browser technology. FirePass can grant users secure access from anywhere they have an Internet connection, while ensuring that connected computers are fully patched and protected.

ARXThe next product you will learn about in the accreditation curriculum is ARX. The F5 ARX solution addresses customer concerns about complex, inflexible, inefficient, and rapidly expanding storage environments through file virtualization.

With this solution, customers have the ability to move individual files or entire file systems in real-time without disruption or down time. Intelligent policies automate data movement by matching data to the most appropriate storage platforms and performing backups only where needed. The ARX performs scheduled data movement, real-time data movement, and file movement based on user-defined policies.

The ARX is a purpose built platform designed to scale into the largest enterprise environments. The ARX platform sits in-band between the users (and applications they are accessing) and the file based storage required for their applications. This lets the ARX make storage decisions which allow customers to pool capacity, implement storage tiering, and do transparent data migration.

Enterprise Manager. Enterprise Manager is a centralized management appliance for F5 BIG-IP devices which gives customers a consolidated, real-time view of their entire F5 application delivery infrastructure, plus the tools required to quickly optimize performance and scale infrastructure. Enterprise Manager helps customers decrease deployment and management times in addition to decreasing operational errors. This results in a significant reduction in operating expenses and total cost of ownership.The Enterprise Manager is a centralized manager for BIG-IP products. Enterprise Manager features include: reporting; views; software staging; backups; and heuristics. Rollover each term to learn more about these features.

The last training module in the accreditation program covers the BIG-IP hardware and virtual platforms that, together with the software discussed in the earlier training modules, create the complete system for F5 customers. F5 designs and builds 3 different categories of platforms for application delivery:

Chassis-based platforms give customers the flexibility to add capacity without disruption, providing the ultimate in reliability and scalability;

Application delivery switches deliver dedicated, high-performance systems that enable customers to unify application delivery functions. This provides granular control to direct traffic based on specific needs as well as the ability to quickly adapt to changing conditions;

And Virtual Platforms that are intended to provide flexible deployment options for discrete applications and workloads.

F5 is committed to providing the highest quality through exhaustive design and test protocols. F5 hardware platforms meet the needs of customers with worldwide certification and compliance standards including NEBS, FIPS, Common Criteria, CLEI, RoHS, and others.