Duration

3 Days

Audience

Employees of federal, state and local governments; and businesses working with the government.

Course Overview

Is this the Right Course?

This course is intended for system administrators, network administrators and application developers responsible for the customization of traffic flow through a BIG-IP system.

Learning Objectives

• Setting Up the BIG-IP System
• Getting Started with iRules
• Exploring iRule Elements
• Developing and Troubleshooting iRules
• Optimizing iRule Execution
• Securing Web Applications with iRules
• Working with Numbers and Strings
• Processing the HTTP Payload
• Working with iFiles and Data Groups
• Using iRules with Universal Persistence, Stream, and Statistics Profiles
• Incorporating Advanced Variables

Outline

Lesson 1: Setting Up the BIG-IP System

• Introducing the BIG-IP System
• Initially Setting Up the BIG-IP System
• Archiving the BIG-IP System Configuration
• Leveraging F5 Support Resources and Tools

Lesson 2: Getting Started with iRules

• Customizing Application Delivery with iRules
• Triggering an iRule
• Leveraging the DevCentral Ecosystem
• Creating and Deploying iRules

Lesson 3: Exploring iRule Elements

• Introducing iRule Constructs
• Understanding iRule Events and Event Context
• Working with iRule Commands
• Logging from an iRule Using SYSLOG-NG (LOG Command)
• Working with User-Defined Variables
• Working with Operators and Data Types
• Working with Conditional Control Structures (IF and SWITCH)
• Incorporating Best Practices in iRules

Lesson 4: Developing and Troubleshooting iRules

• Mastering Whitespace and Special Symbols
• Grouping Strings
• Developing and Troubleshooting Tips
• Using Fiddler to Test and Troubleshoot iRules

Lesson 5: Optimizing iRule Execution

• Understanding the Need for Efficiency
• Measure iRule Runtime Efficiency Using Timing Statistics
• Modularizing iRules for Administrative Efficiency
• Using Procedures to Modularize Code
• Optimizing Logging
• Using High-Speed Logging Commands in an iRule
• Implementing Other Efficiencies
• Using Looping Control Structures (WHILE, FOR, FOREACH Commands)

Lesson 6: Securing Web Applications with iRules

• Integrating iRules into Web Application Defense
• Mitigating HTTP Version Attacks
• Mitigating Path Traversal Attacks
• Using iRules to Defends Against Cross-Site Request Forgery (CSRF)
• Mitigating HTTP Method Vulnerabilities
• Securing HTTP Cookies with iRules
• Adding HTTP Security Headers
• Removing Undesirable HTTP Headers

Lesson 7: Working with Numbers and Strings

• Understanding Number Forms and Notation
• Working with Strings (STRING and SCAN Commands)
• Combining Strings (Adjacent Variables, CONCAT and APPEND Commands)
• Using iRule String Parsing Functions (FINDSTR, GETFIELD, and SUBSTR Commands)

Lesson 8: Processing the HTTP Payload

• Reviewing HTTP Headers and Commands
• Accessing and Manipulating HTTP Headers (HTTP::header Commands)
• Other HTTP commands (HTTP::host, HTTP::status, HTTP::is_keepalive, HTTP::method, HTTP::version, HTTP::redirect, HTTP::respond, HTTP::uri)
• Parsing the HTTP URI (URI::path, URI::basename, URI::query)
• Parsing Cookies with HTTP::cookie
• Selectively Compressing HTTP Data (COMPRESS Command)

Lesson 9: Working with iFiles and Data Groups

• Working with iFiles
• Introducing Data Groups
• Working with Old Format Data Groups (MATCHCLASS, FINDCLASS)
• Working with New Format Data Groups (CLASS MATCH, CLASS SEARCH)

Lesson 10: Using iRules with Universal Persistence, Stream, and Statistics Profiles

• Implementing Universal Persistence (PERSIST UIE Command)
• Working with the Stream Profile (STREAM Command)
• Collecting Statistics Using a Statistics Profile (STATS Command)
• Collecting Statistics Using iStats (ISTATS Command)

Lesson 11: Incorporating Advanced Variables

• Reviewing the Local Variable Namespace
• Working with Arrays (ARRAY Command)
• Using Static and Global Variables
• Using the Session Table (TABLE Command)
• Processing Session Table Subtables
• Counting “Things” Using the Session Table