Lab 1 – DDoS Hybrid Defender Setup

Estimated completion time: 20 minutes

Task 1 – Initial Set-up

  • Open the Chrome web browser and access the DHD from the toolbar shortcut.
  • Login to the BIG-IP Configuration Utility using the ‘’admin’’ account.

image200

Note

When you first power up a F5 DHD device you would normally go through the steps of licensing, provisioning and basic set-up. We have licensed, assigned the management IP, hostname, NTP and DNS servers for you. Verify DHD and Jumpbox are showing same time.

Note

If you are familiar with the BIG-IP UI, You will notice the menus on the left are consolidated. This is an indication you are working with a DDoS Hybrid defender device.

Expand each panel section to see the components available in each section.

  • Dos Configuration: Where most day-to-day configuration takes place.

  • Dos Setup: Where one-time or infrequent system Dos configuration is performed.

  • Network: The new simplified Security Network Configuration utility to add new network topologies to the system.

  • Visibility: Were the Analyst will spend a majority of the time looking at the GUI and logs.

  • System: Shows a subset of the system utilities found in the traditional TMUI System menu. (Available in Advanced View on the DHD)

    image201

  • If you need to access more options, there is a shortcut at the bottom of the Menu page. Show Advanced Menu

    image211

  • Explore the Resource Provisioning page

    image202

Note

The above task ensures that you are using a purpose built DDoS Hybrid Defender. If you are familiar with other F5 Modules/Technology that you have used in the past, you will notice that we have none of those provisioned.

  • When done click Submit.

Task 2 – DDoS Hybrid Defender Base Configuration

The architecture and design decisions should have been made already. Based on F5 recommendations we are going to deploy this device in L2 Transparent Mode.

  • Click Network in the left hand menu. Then Select Topology.

  • Click Create on the upper right side.

  • You will notice the various options you can select based on the prior architecture decisions.

  • For this classes purpose Click on the VLAN Group image.

    image203

  • Fill out the information from the table below. Then Click Done Editing within that section.

VLAN Group Name: defaultVlan
Internal: VLAN Tag 20
Internal: Interfaces 1.2 Untagged (Click Add)
External: VLAN Tag 10
External: Interfaces 1.1 Untagged (Click Add)

image204

  • At the bottom of the page click Finished to create the default network.

This completes the initial Network Set-Up of DHD.