Arrow Electronics, Inc.

Developing iRules for BIG-IP

Kód: F5N_BIG-IRULE-CFG

DÉLKA: 24 Hours (3 DENNÍ)

CENA: Kč bez DPH 55 000,00

Popis

Na tomto F5 certifikovaném kurzu síťoví profesionálové pochopí, jak fungují iRules a naučí se, jak správně tyto skripty vyvíjet.
Kurz staví na základech kurzu Administering BIG-IP a ukazuje, jak logicky plánovat a psát iRules, tak aby pomohly řídit úkoly spojené se zpracováním provozu na BIG-IP, nebo provoz monitorovat. Kurz se skládá z psaní, aplikování a vyhodnocování vlivu iRules na provoz LTM. Tento praktický kurz zahrnuje přednášky, laby a diskuse.

Cíle

Topics Covered

• Setting up the BIG-IP system
• Getting started with iRules
• Leveraging DevCentral resources for iRule development
• Exploring iRule elements, including events, functions, commands, variables, and operators
• Using control structures for conditional branching and looping
• Mastering whitespace, grouping, and special symbols
• Measuring iRule efficiency using timing statistics
• Logging from an iRule using syslog-ng and high-speed logging (HSL)
• Optimizing iRules execution, including implementing efficiency best practices
• Modularizing iRules for administrative efficiency, including using procedures
• Securing web applications with iRules, including preventing common HTTP attacks, securing HTTP headers and cookies, and implementing HTTP strict transport security (HSTS)
• Working with strings, including using Tcl parsing commands and iRules parsing functions
• Accessing and manipulating HTTP traffic, including applying selective HTTP compression
• Working with iFiles and data groups
• Using iRules with universal persistence and stream profiles
• Gathering statistics using STATS and ISTATS
• Incorporating advanced variables, including arrays, static variables, and the session table


At the end of this course, the student will be able to:
• Describe the role of iRules in customizing application delivery on a BIG-IP system
• Describe best practices for using iRules
• Define event context, and differentiate between client-side and server-side contexts, request and response contexts, and local and remote contexts
• Trigger an iRule for both client-side and server-side request and response events
• Assign multiple iRules to a virtual server and control the order in which duplicate events trigger
• Describe and use a testing methodology for iRule development and troubleshooting
• Use local variables, static variables, lists, arrays, the session table, and data groups to store information needed for iRule execution
• Write iRules that are optimized for runtime and administrative efficiency
• Use control structures to conditionally branch or loop within an iRule
• Log from an iRule using Linux syslog-ng or TMOS high-speed logging (HSL)
• Incorporate coding best practices during iRule development
• Use analyzer tools to capture and view traffic flow on both client-side and server-side contexts
• Collect and use timing statistics to measure iRule runtime efficiency
• Write iRules to help mitigate and defend from some common HTTP attacks
• Differentiate between decimal, octal, hexadecimal, floating-point, and exponential notation
• Parse and manipulate strings using Tcl commands and iRule functions
• Write iRules to access and manipulate HTTP header information
• Write iRules to collect customized statistics
• Implement universal persistence via an iRule
• Modify payload content using an iRule with a stream profile

Určeno pro

This course is intended for system administrators, network administrators and application developers responsible for the customization of traffic flow through a BIG-IP system using iRules.

Vstupní znalosti

The following free web-based courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience.

These courses are available at LearnF5 (https://www.f5.com/services/training):

▪ Getting Started with BIG-IP
▪ Getting Started with BIG-IP Local Traffic Manager (LTM)

The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:

▪ OSI model encapsulation
▪ Routing and switching
▪ Ethernet and ARP
▪ TCP/IP concepts
▪ IP addressing and subnetting
▪ NAT and private IP addressing
▪ Default gateway
▪ Network firewalls
▪ LAN vs. WAN

The following course-specific knowledge and experience is suggested before attending this course:

▪ HTTP protocol
▪ Any programming language

Program

Chapter 1: Setting Up the BIG-IP System

▪ Introducing the BIG-IP System
▪ Initially Setting Up the BIG-IP System
▪ Archiving the BIG-IP System Configuration
▪ Leveraging F5 Support Resources and Tools

Chapter 2: Getting Started with iRules

▪ Customizing Application Delivery with iRules
▪ Triggering an iRule
▪ Leveraging the DevCentral Ecosystem
▪ Creating and Deploying iRules

Chapter 3: Exploring iRule Elements

▪ Introducing iRule Constructs
▪ Understanding iRule Events and Event Context
▪ Working with iRule Commands
▪ Logging from an iRule Using SYSLOG-NG (LOG Command)
▪ Working with User-Defined Variables
▪ Working with Operators and Data Types
▪ Working with Conditional Control Structures (IF and SWITCH)
▪ Incorporating Best Practices in iRules

Chapter 4: Developing and Troubleshooting iRules

▪ Mastering Whitespace and Special Symbols
▪ Grouping Strings
▪ Developing and Troubleshooting Tips
▪ Using Fiddler to Test and Troubleshoot iRules

Chapter 5: Optimizing iRule Execution

▪ Understanding the Need for Efficiency
▪ Measure iRule Runtime Efficiency Using Timing Statistics
▪ Modularizing iRules for Administrative Efficiency
▪ Using Procedures to Modularize Code
▪ Optimizing Logging
▪ Using High-Speed Logging Commands in an iRule
▪ Implementing Other Efficiencies
▪ Using Looping Control Structures (WHILE, FOR, FOREACH Commands)

Chapter 6: Securing Web Applications with iRules

▪ Integrating iRules into Web Application Defense
▪ Mitigating HTTP Version Attacks
▪ Mitigating Path Traversal Attacks
▪ Using iRules to Defends Against Cross-Site Request Forgery (CSRF)
▪ Mitigating HTTP Method Vulnerabilities
▪ Securing HTTP Cookies with iRules
▪ Adding HTTP Security Headers
▪ Removing Undesirable HTTP Headers

Chapter 7: Working with Numbers and Strings

▪ Understanding Number Forms and Notation
▪ Working with Strings (STRING and SCAN Commands)
▪ Combining Strings (Adjacent Variables, CONCAT and APPEND Commands)
▪ Using iRule String Parsing Functions (FINDSTR, GETFIELD, and SUBSTR Commands)

Chapter 8: Processing the HTTP Payload

▪ Reviewing HTTP Headers and Commands
▪ Introducing iRule HTTP Header Commands
▪ Accessing and Manipulating HTTP Headers (HTTP::header Commands)
▪ Other HTTP commands (HTTP::host, HTTP::status, HTTP::is_keepalive, HTTP::method, HTTP::version, HTTP::redirect, HTTP::respond, HTTP::uri)
▪ Parsing the HTTP URI (URI::path, URI::basename, URI::query)
▪ Parsing Cookies with HTTP::cookie
▪ Selectively Compressing HTTP Data (COMPRESS Command)

Chapter 9: Working with iFiles and Data Groups

▪ Working with iFiles
▪ Working with Data Groups
▪ Working with Old Format Data Groups (MATCHCLASS, FINDCLASS)
▪ Working with New Format Data Groups (CLASS MATCH, CLASS SEARCH)

Chapter 10: Using iRules with Universal Persistence, Stream, and Statistics Profiles

▪ Implementing Universal Persistence (PERSIST UIE Command)
▪ Working with the Stream Profile (STREAM Command)
▪ Collecting Statistics Using a Statistics Profile (STATS Command)
▪ Collecting Statistics Using iStats (ISTATS Command)

Chapter 11: Incorporating Advanced Variables

▪ Reviewing the Local Variable Namespace
▪ Working with Arrays (ARRAY Command)
▪ Using Static and Global Variables
▪ Using the Session Table (TABLE Command)
▪ Processing Session Table Subtables
▪ Counting “Things” Using the Session Table

Termíny školení
Datum
Místo konání
Časové pásmo
Jazyk
Typ
Garance termínu
CENA

14 kvě 2025

Praha

CEDT

Čeština

Classroom

Kč bez DPH 55 000,00

14 kvě 2025

Virtual Classroom

CEDT

Čeština

Instructor Led Online

Kč bez DPH 55 000,00

Další termíny školení Arrow v Evropě, včetně virtuálních.