SSLO 101: Essential SSL Visibility with SSL Orchestrator (Agility 2022 | 2 hours)

Note

Requires UDF Blueprint: "Agility 2022 - SSL Orchestrator 101"

BIG-IP 16.1 / SSL Orchestrator 9.2

As the volume of data continues to grow at a rapid pace, more organizations are deploying Secure Socket Layer (SSL) and Transport Layer Security (TLS) solutions to encrypt data in transit. This is a great win for security overall to help protect privacy and prevent data breaches. However, cyber criminals are also using SSL/TLS channels to propagate malware and exfiltrate data. They know that they can bypass traditional security inspection solutions, which may not have the ability to inspect encrypted traffic.

The F5 SSL Orchestrator solution maximizes network traffic visibility, security, and reduces infrastructure efficiencies by:

• Effectively decrypting and inspecting SSL/TLS traffic

• Applying a policy-driven approach to intelligently steer traffic flows through security service chains

• Supporting multiple deployment modes for flexibility in integrating with complex architectures

Attend this lab to get a hands-on introduction to the F5 SSL Orchestrator solution.

Expected time to complete: 2 hours

CONTENTS

• 1. What is F5 SSL Orchestrator?
  • 1.1. Overview
• 2. SSL Orchestrator Lab Environment
  • 2.1. Accessing the Virtual Lab
  • 2.2. Lab Details
• 3. Create a Transparent Forward Proxy SSLO
  • 3.1. Login and review the UDF lab hosts and endpoints
  • 3.2. Review the default SSL Orchestrator pre-requisites
  • 3.3. Begin creating the initial deployment via Guided Configuration
  • 3.4. Guided configuration Topology
  • 3.5. Guided configuration SSL Configuration
  • 3.6. Guided configuration Authentication
  • 3.7. Guided configuration Service
  • 3.8. Guided configuration Service Chain
  • 3.9. Guided configuration Security Policy
  • 3.10. Guided configuration Interception Rule
  • 3.11. Guided configuration Egress Setting
  • 3.12. Guided configuration Log Settings
  • 3.13. Guided configuration Summary
  • 3.14. Review behavior prior to decryption
  • 3.15. Enable decryption and test behavior
  • 3.16. Configure and test selective decryption by URL category
  • 3.17. View dashboard
  • 3.18. Add the remaining services (optional - time permitting)
  • 3.19. Associate new services to service chains (optional - time permitting)
  • 3.20. Test the new TAP service (optional - time permitting)
• 4. Conclusion
• 5. SSL Orchestrator Labs
• 6. Contributors
• 7. Revision History
• 8. Lab Guide Repository (GitHub)
• 9. Appendix 1 - Common Testing Commands
  • 9.1. View TLS/SSL certificates using a command line tool
  • 9.2. Packet capture
  • 9.3. Control the SSL Forward Proxy certificate cache
  • 9.4. Isolate SSLO traffic
  • 9.5. Debugging
  • 9.6. SSL inspection
  • 9.7. Control the URL Filtering database
  • 9.8. External testing
  • 9.9. General troubleshooting