Na tomto F5 certifikovaném kurzu síťoví profesionálové pochopí, jak fungují iRules a naučí se, jak správně tyto skripty vyvíjet. Kurz staví na základech kurzu Administering BIG-IP a ukazuje, jak logicky plánovat a psát iRules, tak aby pomohly [...]
  • F5_IRULES
  • Délka 3 dny
  • 0 ITK bodů
  • 3 termíny
  • Praha (57 700 Kč)

    Brno (na vyžádání)

    Bratislava (2 220 €)

Na tomto F5 certifikovaném kurzu síťoví profesionálové pochopí, jak fungují iRules a naučí se, jak správně tyto skripty vyvíjet. Kurz staví na základech kurzu Administering BIG-IP a ukazuje, jak logicky plánovat a psát iRules, tak aby pomohly řídit úkoly spojené se zpracováním provozu na BIG-IP, nebo provoz monitorovat. Kurz se skládá z psaní, aplikování a vyhodnocování vlivu iRules na provoz LTM. Tento praktický kurz zahrnuje přednášky, laby a diskuse.

»

This course is intended for system administrators, network administrators and application developers responsible for the customization of traffic flow through a BIG-IP system using iRules.

Topics Covered

  • Setting up the BIG-IP system
  • Getting started with iRules
  • Leveraging DevCentral resources for iRule development
  • Exploring iRule elements, including events, functions, commands, variables, and operators
  • Using control structures for conditional branching and looping
  • Mastering whitespace, grouping, and special symbols
  • Measuring iRule efficiency using timing statistics
  • Logging from an iRule using syslog-ng and high-speed logging (HSL)
  • Optimizing iRules execution, including implementing efficiency best practices
  • Modularizing iRules for administrative efficiency, including using procedures
  • Securing web applications with iRules, including preventing common HTTP attacks, securing HTTP headers and cookies, and implementing HTTP strict transport security (HSTS)
  • Working with strings, including using Tcl parsing commands and iRules parsing functions
  • Accessing and manipulating HTTP traffic, including applying selective HTTP compression
  • Working with iFiles and data groups
  • Using iRules with universal persistence and stream profiles
  • Gathering statistics using STATS and ISTATS
  • Incorporating advanced variables, including arrays, static variables, and the session table

At the end of this course, the student will be able to:

  • Describe the role of iRules in customizing application delivery on a BIG-IP system
  • Describe best practices for using iRules
  • Define event context, and differentiate between client-side and server-side contexts, request and response contexts, and local and remote contexts
  • Trigger an iRule for both client-side and server-side request and response events
  • Assign multiple iRules to a virtual server and control the order in which duplicate events trigger
  • Describe and use a testing methodology for iRule development and troubleshooting
  • Use local variables, static variables, lists, arrays, the session table, and data groups to store information needed for iRule execution
  • Write iRules that are optimized for runtime and administrative efficiency
  • Use control structures to conditionally branch or loop within an iRule
  • Log from an iRule using Linux syslog-ng or TMOS high-speed logging (HSL)
  • Incorporate coding best practices during iRule development
  • Use analyzer tools to capture and view traffic flow on both client-side and server-side contexts
  • Collect and use timing statistics to measure iRule runtime efficiency
  • Write iRules to help mitigate and defend from some common HTTP attacks
  • Differentiate between decimal, octal, hexadecimal, floating-point, and exponential notation
  • Parse and manipulate strings using Tcl commands and iRule functions
  • Write iRules to access and manipulate HTTP header information
  • Write iRules to collect customized statistics
  • Implement universal persistence via an iRule
  • Modify payload content using an iRule with a stream profile

The following free web-based courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience.

These courses are available at LearnF5 (https://www.f5.com/services/training):

  • Getting Started with BIG-IP
  • Getting Started with BIG-IP Local Traffic Manager (LTM)

The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:

  • OSI model encapsulation
  • Routing and switching
  • Ethernet and ARP
  •  TCP/IP concepts
  • IP addressing and subnetting
  • NAT and private IP addressing
  • Default gateway
  • Network firewalls
  • LAN vs. WAN

The following course-specific knowledge and experience is suggested before attending this course:

  • HTTP protocol
  • Any programming language

Chapter 1: Setting Up the BIG-IP System

  • Introducing the BIG-IP System
  • Initially Setting Up the BIG-IP System
  • Archiving the BIG-IP System Configuration
  • Leveraging F5 Support Resources and Tools

Chapter 2: Getting Started with iRules

  • Customizing Application Delivery with iRules
  • Triggering an iRule
  • Leveraging the DevCentral Ecosystem
  • Creating and Deploying iRules

Chapter 3: Exploring iRule Elements

  • Introducing iRule Constructs
  • Understanding iRule Events and Event Context
  • Working with iRule Commands
  • Logging from an iRule Using SYSLOG-NG (LOG Command)
  • Working with User-Defined Variables
  • Working with Operators and Data Types
  • Working with Conditional Control Structures (IF and SWITCH)
  • Incorporating Best Practices in iRules

Chapter 4: Developing and Troubleshooting iRules

  • Mastering Whitespace and Special Symbols
  • Grouping Strings
  • Developing and Troubleshooting Tips
  • Using Fiddler to Test and Troubleshoot iRules

Chapter 5: Optimizing iRule Execution

  • Understanding the Need for Efficiency
  • Measure iRule Runtime Efficiency Using Timing Statistics
  • Modularizing iRules for Administrative Efficiency
  • Using Procedures to Modularize Code
  • Optimizing Logging
  • Using High-Speed Logging Commands in an iRule
  • Implementing Other Efficiencies
  • Using Looping Control Structures (WHILE, FOR, FOREACH Commands)

Chapter 6: Securing Web Applications with iRules

  • Integrating iRules into Web Application Defense
  • Mitigating HTTP Version Attacks
  • Mitigating Path Traversal Attacks
  • Using iRules to Defends Against Cross-Site Request Forgery (CSRF)
  • Mitigating HTTP Method Vulnerabilities
  • Securing HTTP Cookies with iRules
  • Adding HTTP Security Headers
  • Removing Undesirable HTTP Headers

Chapter 7: Working with Numbers and String

  • Understanding Number Forms and Notation
  • Working with Strings (STRING and SCAN Commands)
  • Combining Strings (Adjacent Variables, CONCAT and APPEND Commands)
  • Using iRule String Parsing Functions (FINDSTR, GETFIELD, and SUBSTR Commands)

Chapter 8: Processing the HTTP Payload

  • ?Reviewing HTTP Headers and Commands
  • Introducing iRule HTTP Header Commands
  • Accessing and Manipulating HTTP Headers (HTTP::header Commands)
  • Other HTTP commands (HTTP::host, HTTP::status, HTTP::is_keepalive, HTTP::method, HTTP::version, HTTP::redirect, HTTP::respond, HTTP::uri)
  • Parsing the HTTP URI (URI::path, URI::basename, URI::query)
  • Parsing Cookies with HTTP::cookie
  • Selectively Compressing HTTP Data (COMPRESS Command)

Chapter 9: Working with iFiles and Data Groups

  • Working with iFiles
  • Working with Data Groups
  • Working with Old Format Data Groups (MATCHCLASS, FINDCLASS)
  • Working with New Format Data Groups (CLASS MATCH, CLASS SEARCH)

Chapter 10: Using iRules with Universal Persistence, Stream, and Statistics Profiles

  • Implementing Universal Persistence (PERSIST UIE Command)
  • Working with the Stream Profile (STREAM Command)
  • Collecting Statistics Using a Statistics Profile (STATS Command)
  • Collecting Statistics Using iStats (ISTATS Command)

Chapter 11: Incorporating Advanced Variables

  • Reviewing the Local Variable Namespace
  • Working with Arrays (ARRAY Command)
  • Using Static and Global Variables
  • Using the Session Table (TABLE Command)
  • Processing Session Table Subtables
  • Counting “Things” Using the Session Table
Aktuální nabídka
Školicí místo
Jazyk kurzu

Uvedené ceny jsou bez DPH.