Introduction
Welcome to the F5 Technical Accreditation. This curriculum was
developed for F5 employees and partners to provide the necessary
knowledge and skills to engage in technical conversations with
customers about their application delivery needs and show how F5
can seamlessly integrate into their existing environments.F5 offers
a powerful and flexible suite of products that helps organizations
create an agile IT infrastructure that aligns with the demands of
their business. This curriculum will not cover every integration
option in the F5 portfolio. Instead, the intent is to show the
challenges that businesses face and illustrate how F5 solutions can
be deployed to help system administrators gain strategic points of
control wherever information is exchanged.At various points in the
curriculum there will be an opportunity to take exams on one or
more of the completed modules. After passing all of the exams,
learners will receive a certificate showing successful completion
of the Technical portion of the F5 Sales Accreditation. Click Next
to continue.
This program includes 12 e-learning modules and will take
approximately 9 hours to complete. By the end of the training, you
will have a good foundation of knowledge about the F5 products and
platforms.This first module provides an overview of the topics
discussed in the rest of the training. Because the F5 solution is
an integrated system, it is important that you have a broad
understanding of the F5 strategy and product portfolio before
drilling deeper into individual components. Before we get started,
click on the Course Navigation button to learn how to move through
this course.Course Navigation
long the bottom of the screen there are several navigation
buttons. You will need to click the Next button to move to the next
slide, and click the Back button to move to the previous slide.
The Course Map displays an overview of the course and the CC
button, which stands for Closed Captioning, allows you to follow
along with the courses narration if needed. The Audio On and Audio
Off button turns the audio portion of the course on and off. The
Resources button will display a list of printable job aids and or
allow you to access additional information. Longer training modules
include a Main Menu button which lets you navigate between lessons
in the module.
Finally, a Progress Bar is located at the bottom of the slide.
As the slide plays, the slider will move across the screen to track
your progress.
Rollover the highlighted areas to review this information
again.
Once you are ready to continue, click the Next button.
The F5 design philosophy is unique and its based on this
reasoning:
"The only reason the network exists is to support the
applications running on top of it and ensure that they are
successfully delivered in an operationally efficient manner."
F5 application delivery solutions balance traffic and offload
compute-intensive functions, screen traffic for security threats,
and speed the flow of traffic to improve the performance,
availability, and security of applications.
"What good is security if the applications youre protecting are
down or simply unavailable because theyre too slow? And what good
is a highly optimized and available business critical application
if it is not secured?"F5 provides an application infrastructure
that is adaptable and cost effective; moving from disparate systems
and architectures to an integrated application fluent architecture;
from manual tasks to automation; and from implementing functions
directly in the applications themselves to offloading these
functions to a centralized network resource for better efficiency.
F5 provides strategic points of control throughout the IT
infrastructure, enabling organizations to scale, adapt, and align
with changing business demands.
TMOS
The second module in this training explores TMOS: the shared
product platform that is the foundation for F5 products.
TMOS allows for full proxy, intelligent control of a network --
which ensures applications are delivered exactly as intended and
protected from security threats, traffic congestion, and network
failures. The adaptability provided by this centralized
infrastructure lets F5 devices automatically adjust to network
conditions and business policies, giving administrators a
previously unattainable level of control. At the same time, TMOS
accommodates changes in network demands and expedites easy adoption
of evolving application requirements -- including new software
modules for emerging technologies such as XML and voice over
IP.
TMOS allows network professionals to use F5 iRules to gain
extremely granular control over any traffic going through F5
devices. F5 iRules is an event-driven scripting language that
customizes how application traffic is intercepted, inspected,
transformed, and directed.
F5 iControl is an open API that helps automate communication
with applications and eliminates the need for costly manual
intervention. Applications or external management systems can
instruct F5 TMOS-based devices to control traffic flow and maximize
performance using iControl. This allows for easy integration and
data center automation by connecting the data center ecosystem to
the traffic and application control point.
It is important to keep in mind that TMOS is not a product; it
is a universal, shared product platform that adds intelligence and
complete control to application delivery. TMOS is a unique
differentiator for F5 in the marketplace. No single competing
technology can solve such a wide variety of IP-based
application-delivery problems over a network.
GTM
The next training modules in the accreditation program cover the
F5 core application delivery controllers: BIG-IP Local Traffic
Manager (or LTM), and Global Traffic Manager (or GTM).
These products address the first two issues for application
delivery application delivery within a single data center and
application delivery within multiple data centers.
In the past, vendors could solve this for customers by selling a
simple load balancer. Spread the traffic among several servers and
its done. But as applications get more complex, the methods used
for load balancing have to keep up. Administrators cant just evenly
spread the traffic around; in order to distribute the traffic
appropriately while maintaining security, the load balancer needs
to actually understand the application, including concepts such as
the user session state, the user context, and the movement of
workload.
LTM provides the advanced features needed to provide intelligent
load balancing and traffic management as well as advanced
application security, acceleration, and optimization.
BIG-IP Global Traffic ManagerMost enterprises have multiple data
centers and administrators can no longer use simple active-standby
data center determinations. Instead, they need a system that will
ensure scalability and security of the DNS infrastructure.
BIG-IP Global Traffic Manager (GTM) provides a more intelligent
way to respond to DNS queries than simple load balancing among
multiple data centers. BIG IP GTM distributes end-user application
requests based on business policies, data center conditions,
network conditions, user location, and application performance.
This gives system administrators holistic control of global traffic
to ensure high availability and maximum performance for
applications running across multiple dispersed data centers. The
result is better application performance, less downtime, and
simplified management.
EnhanceApplication Security and Acceleration
While LTM and GTM provide availability, security, and
acceleration, F5 provides additional modules that enhance
application security and acceleration.
The first security module covered in this training is BIG-IP
Application Security Manager (or ASM).
A common misunderstanding among IT professionals is that
firewalls alone have the intelligence to provide effective
application security they dont. Enterprises require a web
application firewall (or WAF), like BIG-IP ASM, to provide a full
view of application-level content.
ASM delivers comprehensive protection for web applications. In
addition, ASM offers out of the box security, helping organizations
quickly pass a security audit without requiring changes to the
application code. PCI compliance reports provide an executive
summary of requirements and recommendations for bringing an
application environment into compliance.
To keep customers informed on the latest web threats as they
grow in number and complexity, BIG-IP ASM includes a complete
attack expert system with on-the-spot attack details, staging of
new policies for testing, and quick administrator notification.
This advanced application-layer gateway stops hackers and attacks
while ensuring that legitimate users can access applications.
BIG-IP Access Policy Manager (or APM) is a flexible,
high-performance network access and security alternative that can
effectively enforce Web access management policies.APM verifies
user identity to provide secure, context-aware access to web
applications and networks while simplifying authentication and
authorization, by centralizing AAA enforcement on the network.With
access polices, APM gives security administrators granular control
of users web and network access. The advanced Visual Policy Editor
makes it easy for administrators to create individual and group
access policies for many different identities, giving the
administrator insight into the approved services users are
accessing.
The next modules in the F5 Technical Accreditation training
series cover the F5 acceleration portfolio.BIG-IP Web Accelerator
is an advanced Web application delivery solution that provides a
series of technologies that overcome performance issues involving
browsers, Web application platforms, content distribution, and WAN
latency. WebAccelerator improves end user experience and reduces
infrastructure costs by decreasing page download times, offloading
caching and compression from servers, and optimizing bandwidth
usage.WebAccelerator uses HTTP optimizations, advanced caching, and
compression techniques to improve web application performance. The
solution simplifies deployment and configuration by incorporating
pre-configured, validated acceleration policies for typical
applications.
BIG-IP WAN Optimization ModuleIncreasing amounts of data are
being transferred between data centers, driven by data replication
and backup, storage requirements, and data center consolidation.
The trend toward virtualization and cloud computing helps reduce IT
costs and provide agility, but it also adds latency to application
delivery. In addition, as enterprises move toward commodity
bandwidth solutions, such as MPLS, Metro Ethernet and Internet VPN,
packet loss and out of order packets can make application and
service delivery unreliable.
F5 reduces the replication time and overcomes latency issues
between data centers with WAN Optimization, which optimizes and
accelerates data over the WAN, ensuring that application
availability, data replication, and disaster recovery requirements
are met while still letting IT departments take advantage of the
reduced infrastructure costs of virtualization. By correcting loss,
F5 WAN Optimization lets enterprises deploy applications and
services that are consistent and reliable.
These services are integrated directly on the F5 BIG IP device
and include superior compression, encryption, and traffic control
capabilities that dramatically reduce data replication times and
enable more efficient use of existing bandwidth. With F5 WAN
optimization services, customers can replicate and backup critical
data across the WAN up to 95 times faster than without
optimization.
BIG-IP Edge Gateway.
Edge Gateway is an advanced remote access solution that provides
secure, accelerated user access to applications. The dynamic,
flexible policy engine enables administrators to enforce access
policies, and provide optimization and acceleration to ensure fast,
secure SSL VPN access for remote users. Context-aware, policy
controlled access mean that users receive the appropriate level of
access based on their role, device, and network.
An optional endpoint security service validates devices and
enforces policies to protect the enterprise from virus or malware
infections, accidental data loss, and rogue device access.
FirePass SSL VPN is an additional F5 security solution; however,
it is not included in this training curriculum. FirePass, which is
available as an appliance or in a Virtual Edition, grants access to
corporate applications using web browser technology. FirePass can
grant users secure access from anywhere they have an Internet
connection, while ensuring that connected computers are fully
patched and protected.
ARXThe next product you will learn about in the accreditation
curriculum is ARX. The F5 ARX solution addresses customer concerns
about complex, inflexible, inefficient, and rapidly expanding
storage environments through file virtualization.
With this solution, customers have the ability to move
individual files or entire file systems in real-time without
disruption or down time. Intelligent policies automate data
movement by matching data to the most appropriate storage platforms
and performing backups only where needed. The ARX performs
scheduled data movement, real-time data movement, and file movement
based on user-defined policies.
The ARX is a purpose built platform designed to scale into the
largest enterprise environments. The ARX platform sits in-band
between the users (and applications they are accessing) and the
file based storage required for their applications. This lets the
ARX make storage decisions which allow customers to pool capacity,
implement storage tiering, and do transparent data migration.
Enterprise Manager. Enterprise Manager is a centralized
management appliance for F5 BIG-IP devices which gives customers a
consolidated, real-time view of their entire F5 application
delivery infrastructure, plus the tools required to quickly
optimize performance and scale infrastructure. Enterprise Manager
helps customers decrease deployment and management times in
addition to decreasing operational errors. This results in a
significant reduction in operating expenses and total cost of
ownership.The Enterprise Manager is a centralized manager for
BIG-IP products. Enterprise Manager features include: reporting;
views; software staging; backups; and heuristics. Rollover each
term to learn more about these features.
The last training module in the accreditation program covers the
BIG-IP hardware and virtual platforms that, together with the
software discussed in the earlier training modules, create the
complete system for F5 customers. F5 designs and builds 3 different
categories of platforms for application delivery:
Chassis-based platforms give customers the flexibility to add
capacity without disruption, providing the ultimate in reliability
and scalability;
Application delivery switches deliver dedicated,
high-performance systems that enable customers to unify application
delivery functions. This provides granular control to direct
traffic based on specific needs as well as the ability to quickly
adapt to changing conditions;
And Virtual Platforms that are intended to provide flexible
deployment options for discrete applications and workloads.
F5 is committed to providing the highest quality through
exhaustive design and test protocols. F5 hardware platforms meet
the needs of customers with worldwide certification and compliance
standards including NEBS, FIPS, Common Criteria, CLEI, RoHS, and
others.