Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
F5 Synthesis
LTM
GTM
AAM
AFM
APM
ASM
CGNAT
PEM
Chassis
Appliance
Network
Virtual Edition
LTM
GTM
AAM
AFM
APM
ASM
CGNAT
PEM
3
GTM
GET
DNS?
Internet
Data Center 2
Data Center 1
LTM
GTM
Application
Servers
GTM
LTM
Application
Servers
6
Tier 2: Protect L7
ASM
LTM
APM
AFM
LTM
GTM
SSL Termination
Single Sign-on
Network Firewall
DNS Services
Load Balancing to Tier 2
Anonymous
Proxies
Anonymous
Requests
Botnet
Cloud
Attackers
Network
Multiple ISP
strategy
Corporate Users
Application
Network attacks:
ICMP flood,
UDP flood,
SYN flood
SSL attacks:
SSL renegotiation,
SSL flood
Financial
Services
Legitimate
Users
Cloud
Scrubbing
Service
DDoS
Attackers
E-Commerce
ISPa/b
DNS attacks:
DNS amplification,
query flood,
dictionary attack,
DNS poisoning
Network
and DNS
Application
HTTP attacks:
Slowloris,
slow POST,
recursive POST/GET
Subscriber
IPS
Strategic Point of Control
Clients
Application Services
+ Access Policy Management
APM
LTM
VDI
VDI
VDI
Data Center
Directory Services
Application Servers
9
BIG-IP
BIG-IP
Data Center
Hybrid Cloud
Public Cloud
10
TCP
View
Configure
Default
and deny
modify
to listen
device
traffic
for
certain
behavior
traffic
TCP
Server
Unencrypted
Compressed
Uncompressed
IPv6
IPv4
11
BIG-IP: Administration
iApps
LTM
GTM
ASM
APM
AAM
AFM
GUI
iRules
TMSH
Full Proxy
High Performance
Hardware
SSL
Compression
CLI
12
http://www.f5.com
http://203.0.113.10
http://www.f5.com
Virtual Server
203.0.113.10:80
216.34.94.17:80
http_pool
172.16.20.1:80
172.16.20.2:80
172.16.20.3:80
web application
web application
web application
14
Request
Source
Source
Destination
Destination
Virtual
Client
Server
Virtual
Client
Server
Virtual Server
Load balancing decision
Translation is "undone"
Destination translation
Member
Member
Member
Source
Source
Destination
Destination
PoolClient
Member
PoolClient
Member
Response
15
192.0.2.101
Source
Destination
192.0.2.101:3154
203.0.113.10:80
203.0.113.10:80
172.16.20.1:80
172.16.20.2:80
Destination
192.0.2.101:3154
172.16.20.1:80
172.16.20.3:80
16
203.0.113.10:80
172.16.20.1:80
172.16.20.2:80
Source
Destination
203.0.113.10:80
192.0.2.101:3154
Source
Destination
172.16.20.1:80
192.0.2.101:3154
172.16.20.3:80
17
Source
Destination
192.0.2.101:3154
203.0.113.10:80
203.0.113.10:80
Source
Destination
192.0.2.101:3154
172.16.20.3:8080
172.16.20.3:8080
172.16.20.1:8082
172.16.20.2:8081
18
SOL8082
3
4
BIG-IP
SYN
SYN_ACK
ACK
Pool Member
virtual server
2
HTTP_GET
SYN
SYN_ACK
ACK
7
8
HTTP_RESPONSE
10
HTTP_GET
HTTP_RESPONSE