F5 BIG-IP SSL Orchestrator Training Lab > All SSL Orchestrator Lab Guides > [Archived] SSL Orchestrator v7 (Agility 2020) Training Labs Source | Edit on
SSL Orchestrator v7 - SSLO 201: Real World Use Cases / Putting It to Use (Agility | 2 hours)¶
Created for use at F5 Agility 2020
As organizational requirements change, so does the need to update security polices and apply additional features to existing F5 SSL Orchestrator deployments. There is no need to fear required maintenance and regular upkeep of your security strategy. Maintenance can be performed within the SSLO Dashboard. It also provides enhanced statistical information which is needed to differentiate between normal and abnormal traffic.
After completing the modules in this class you will be familiar with:
Modifying existing SSL Orchestrator configurations to keep up with business and security demands
SSL Orchestrator logs and logging capabilities
Integrating authentication to facilitate user-based policy enforcement and logging on an HTTP service (web proxy)
Expected time to complete: 2 hours
This class covers the following topics:
- 1. SSL Orchestrator Lab Environment
- 2. Managing Security Services & Service Chains
- 2.1. Scenario
- 2.2. Lab Overview
- 2.3. Pre-existing environment validation
- 2.4. Review the current SSL Orchestrator deployment
- 2.5. Create a new Cisco Firepower Threat Defense TAP service
- 2.6. Create a new "All Services" Service Chain
- 2.7. Create a new "Cisco Firepower" Service Chain
- 2.8. Update Service Chains on existing Security Policy rules
- 2.9. Confirm Service Chain and Security Policy rules are working as expected
- 3. Understanding SSL Orchestrator logging
- 3.1. Scenario
- 3.2. Lab Overview
- 3.3. Overview of SSL Orchestrator logging
- 3.4. Per-Request Policy logging
- 3.5. SSL Orchestrator Generic logging
- 3.6. Local Traffic logging
- 3.7. Enabling SSL Orchestrator connection summary logging
- 3.8. Sending connection summary log messages to a remote high-speed log server
- 4. Transparent authentication using NTLM
- 4.1. Scenario
- 4.2. Lab Overview
- 4.3. Verify authentication is currently disabled
- 4.4. Review the Access Policy and AAA configuration
- 4.5. Enable NTLM authentication on explicit proxy topology
- 4.6. Verify that user information is being identified on the F5 SSL Orchestrator
- 4.7. Enable authentication offload
- 5. Conclusion