2. Advanced Multi-Layer Firewall Protection
Firewall 320 – Advanced Multi-Layer Firewall Protection
Participant Hands-on Lab Guide
Last Updated: March 26, 2018
©2018 F5 Networks, Inc. All rights reserved. F5, F5 Networks, and the F5 logo are trademarks of F5 Networks, Inc. in the U.S. and in certain other countries. Other F5 trademarks are identified at f5.com.
Any other products, services, or company names referenced herein may be trademarks of their respective owners with no endorsement or affiliation, express or implied, claimed by F5.
Welcome to the F5 Agility 2018 Multilayer Firewall Implementations setup and hands-on exercise series.
The purpose of the Lab Setup and Configuration Guide is to walk you through the setup of F5 BIG-IP to protect applications at multiple layers of the OSI stack, thereby providing Application Security Control. In effect, this allows F5 BIG-IP to act as multiple firewalls within a single platform.
*Assumptions/Prerequisites*: You have attended the AFM 101 lab sessions either this year or in previous years. Additionally, this lab guide assumes that you understand LTM/TMOS basics and are comfortable with the process of creating Nodes, Pools, Virtual Servers, and Profiles, and with setting up logging and reporting.
There are three modules detailed in this document.
Module 1: F5 Multi-layer Firewall
Module 2: F5 Dynamic Firewall Rules With iRules LX
Module 3: AFM Protocol Inspection IPS
- Remote Desktop Protocol (RDP) client utility
  - Windows: Built-in
  - Mac (Microsoft Client): https://itunes.apple.com/us/app/microsoft-remote-desktop/id715768417?mt=12
  - Mac (Open Source Client): http://sourceforge.net/projects/cord/files/cord/0.5.7/CoRD_0.5.7.zip/download
  - Unix/Linux (Source – Requires Compiling): http://www.rdesktop.org/
You may use your web browser for console access if necessary, but screen sizing may be affected.
IP filtering locks down connectivity to the remote labs. If you are required to VPN into your corporate office to get Internet access, please determine your external IP address via https://www.whatismyip.com and provide an instructor with that information for your pod.
- Connectivity to the facility-provided Internet service
- Unique destination IP address for RDP to your lab
- 2.1. Module 1: F5 Multi-layer Firewall
- 2.1.1. Lab 1: Configure pools and internal virtual servers
- 2.1.2. Lab 2: Leverage LTM Policies To Direct SSL Terminated Applications To Secondary Virtual Servers
- 2.1.3. Lab 3: Configure Local Logging For Firewall Events
- 2.1.4. Lab 4: Configure A Firewall Policy and Firewall Rules For Each Application
- 2.1.5. Lab 5: Provide Firewall Security Policies For CDN Enabled Applications
- 2.1.6. Lab 6: Configure HTTP security
- 2.1.7. Lab 7: Configure A Clone Pool For SSL Visibility To IDS Sensors Or Other Security Tools
- 2.2. Module 2: F5 Dynamic Firewall Rules With iRules LX
- 2.3. Module 3: AFM Protocol Inspection IPS
- 2.3.1. Lab 1: Preconditions
- 2.3.2. Lab 2: Protocol Inspection - Compliance Checks
- 2.3.3. Lab 3: Protocol Inspection - Signatures
- 2.3.4. Lab 4: Protocol Inspection - Custom Signatures