Lab 1 – DDoS Hybrid Defender Setup

Estimated completion time: 45 minutes

Task 1 – Initial Set-up

  • Open a web browser and access the supplied link (given at location).
  • Log in to the BIG-IP Configuration Utility via your preferred browser.

Note

When you first power up an F5 DHD device, you would go through the steps of Licensing and Provisioning. We have assigned the management IP, hostname, NTP and DNS servers. You will be re-activating the license using a new license key.

  • On the System > Platform page, configure the following, and then click Update.

    Host Name <your name>.f5demo.com
    Root Account (Password and Confirm) f5DEMOs4u
    Admin Account (Password and Confirm) f5DEMOs4u

  • This will log you out. Log back in.

  • On Device Management->Devices, select the device and then click “Change Device Name…”. Update the device name to match the hostname you have chosen. Retain the current authority.

  • Click Update to save changes.

  • Review and verify the following: on the System -> Configuration -> Device -> NTP page, add pool.ntp.org to the Time Server List, and then click Update.

  • Review and verify the following: on the System -> Configuration -> Device -> DNS page, add 8.8.8.8 to the DNS Lookup Server List, and then click Update.

  • Open the System > License page and re-activate the BIG-IP system with the new development license key, using Manual mode. Copy and paste the license file.

  • Click Next and explore the Resource Provisioning page.

Note

The above task ensures that you are using a purpose-built DDoS Hybrid Defender. If you are familiar with other F5 modules or technology that you have used in the past, you will notice that none of them are provisioned.

  • When done, click Submit.

  • Access the Jumpbox via RDP. PuTTY into the Hybrid Defender. Log in as root and restart services:

    bigstart restart

Take a break, ask questions, talk to your neighbor. It will take several minutes to restart.

Note

You MUST re-activate, even if the current license key hasn’t expired. For Silverline access each BIG-IP system must use a unique license key.

Task 2 – DDoS Hybrid Defender iApp and Base Configuration

  • In the BIG-IP Configuration Utility, open DoS Protection > Quick Configuration page.

  • Select the Install RPM method of Onboard.

  • Click Install

  • Open the About page

  • This page displays the current version of DDoS Hybrid Defender (DHD). You use this page to install and update the iApp LX version for DHD when newer versions are released.

  • In the BIG-IP Configuration Utility, click iApps, Templates and Import, and import the two templates located in the Jumpbox documents folder.

  • Use the Browse and Upload buttons. (You will do this once for each template)

  • In the BIG-IP Configuration Utility, open iApps > Application Services and select Create

  • You will be creating two services based on the two Silverline Templates:

    • F5.silverline_connector
    • F5.silverline_dos_monitor

  • Use the default settings for the Silverline connector

  • Use the Silverline username and password supplied

Note

This is case sensitive. Make sure the email address is all lowercase.

  • Create the 2nd service for the Silverline DOS Monitor (f5.silverline_dos_monitor)

  • Use the default settings for the dos_connector, except for Volumetric Attack Event Monitoring: switch the network object from interface to VLAN.

  • Open the DoS Protection > Quick Configuration > Network Configuration page.

  • In the Default Network section click default VLAN.

  • Configure the VLANs using the following information, and then click Done Editing.

    Internal: VLAN Tag 20
    Internal: Interfaces 1.2 Untagged
    Internal: IP Address / Mask 10.1.20.240/21 (Click Add)
    External: VLAN Tag 10
    External: Interfaces 1.1 Untagged (Click Add)

  • At the bottom of the page click Update to create the default network.

  • Open the Network > VLANs > VLAN Groups page and click defaultVLAN.

  • A Bridged (VLAN Group) L2 configuration, consistent with recommended practices for most deployments, was automatically created.

  • Open the Network > DNS Resolvers > DNS Resolver list page and click Create.

  • Enter default_DNS_resolver and then click Finished.

  • A DNS resolver is required by bot signatures to allow for proper detection of benign search engines such as Google and Bing.

  • On the Jumpbox desktop, PuTTY to the BIG-IP.

  • Log in as root.

  • Verify DNS by typing the following:

    nslookup api.f5silverline.com

  • Type the following to verify the correct date setting:

    date

  • If the BIG-IP system date is not accurate, correct it using the following commands:

    bigstart stop ntpd
    ntpdate 10.1.1.254
    bigstart start ntpd
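
The DNS and clock checks above can be collected into one pre-flight script to run on the BIG-IP as root before moving on to Silverline signaling. This is an added example, not part of the original lab guide. The function names and the 5-second tolerance (`MAX_SKEW`) are assumptions, it uses `ntpdate -q` (query only, does not set the clock), and it parses the usual `nslookup` and `ntpdate -q` output layouts.

```shell
#!/bin/sh
# Added example (not from the lab guide): pre-flight check for the DNS and
# clock steps above. Host and NTP server are the values used on this page.
API_HOST="api.f5silverline.com"
NTP_SERVER="10.1.1.254"
MAX_SKEW=5   # assumed tolerance in seconds; the lab does not specify one

# Print the addresses from the answer section of `nslookup` output (stdin).
# The resolver's own "Address:" line precedes "Name:" and is skipped.
resolved_addrs() {
    awk '/^Name:/ {seen=1; next} seen && /^Address/ {print $2}'
}

# Print the offset in seconds from `ntpdate -q` output (stdin), taken from
# the first "server ..., offset N, delay N" line. Prints nothing on failure.
ntp_offset() {
    sed -n 's/^server .*, offset \([-+]\{0,1\}[0-9.]*\), delay .*/\1/p' | head -n 1
}

# Succeed if the absolute value of offset $1 is within $2 seconds.
skew_ok() {
    [ -n "$1" ] && awk -v o="$1" -v m="$2" 'BEGIN { if (o < 0) o = -o; exit !(o <= m) }'
}

preflight() {
    local addrs offset rc=0
    addrs=$(nslookup "$API_HOST" 2>&1 | resolved_addrs)
    if [ -n "$addrs" ]; then
        echo "DNS   ok: $API_HOST -> $(echo $addrs)"
    else
        echo "DNS   FAIL: $API_HOST did not resolve; check the DNS Lookup Server List"
        rc=1
    fi
    offset=$(ntpdate -q "$NTP_SERVER" 2>/dev/null | ntp_offset)
    if skew_ok "$offset" "$MAX_SKEW"; then
        echo "CLOCK ok: offset ${offset}s from $NTP_SERVER"
    else
        echo "CLOCK FAIL: offset '${offset:-unknown}'; stop ntpd, run ntpdate, start ntpd"
        rc=1
    fi
    return $rc
}

# Run the live checks only when asked, so sourcing the file has no side effects.
if [ "${1:-}" = "--run" ]; then preflight; fi
```

Run it with `--run`; a non-zero exit status means at least one of the two checks failed.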
    

Task 3 – Configure Silverline Signaling

  • In the BIG-IP Configuration Utility, open the DoS Protection > Quick Configuration page.

  • Open the Silverline page.

  • Configure using the following information, and then click Update.

    Username dhd2017us@f5agility.com
    Password HybridDefense!Wins!
    Service Address https://api.f5silverline.com
  • Register the device with the Silverline iApp so that it provides bandwidth utilization updates: open iApps->Application Services->Applications->silverline_connector, select Reconfigure, and then click Finished. This will cause the iApp to register under the new device name.

  • Use a web browser and access https://portal.f5silverline.com.

  • Log in with the above credentials.

  • In the Silverline browser, open the Config->Hybrid Configuration->Hybrid Device Management page.

  • Locate your DHD device by searching for <your name prefix>.f5demo.com.

  • Click the Approve button to approve device registration.

Note

Silverline device registration has some specific requirements. The BIG-IP system must have a unique device ID, which is composed of attributes like the base MAC and registration key. In Ravello and similar virtual environments, the Hybrid Defender VE must be re-licensed uniquely each time.

Task 4 – Configure DHD Device Bandwidth Thresholds

  • In the DoS Protection > Quick Configuration page, open the Protected Objects page.

  • In the Network Protection section click Create.

  • Configure using the following information, and then click Save.

    Maximum Bandwidth: Specify 500
    Scrubbing Threshold: Type Percentage
    Scrubbing Threshold: Value 75
    Advertisement Method Silverline
    Scrubber Details: Type Advertise All

  • That completes the setup for BIG-IP DDoS Hybrid Defender with Silverline integration.