Configuring BIG-IP Advanced Firewall Manager (AFM) v12

Duration: 2 Days


This course uses lectures and hands-on exercises to give participants real-time experience in setting up and configuring the BIG-IP® Advanced Firewall Manager system. Students are introduced to the AFM user interface, stepping through various options that demonstrate how AFM is configured to build a network firewall and detect and protect against DoS (Denial of Service) attacks. Reporting and log facilities are also explained and used in the course labs. Further Firewall functionality and additional DoS facilities for DNS and SIP traffic are discussed.


This course is intended for system and network administrators responsible for installation, setup, configuration, and administration of the BIG-IP Advanced Firewall Manager System.


  • Students should be familiar with the F5 BIG-IP Product Suite and, in particular, how to setup and configure a BIG-IP LTM system, including virtual servers, pools, profiles, VLANs and self-IPs.
  • Students should have previously attended Administering BIG-IP & Configuring BIG-IP Local Traffic Manager (LTM), BIG-IP Application Security Manager (ASM), BIG-IP Access Policy Manager (APM) or successfully passed F5 Certified BIG-IP Administrator certification.
  • Students should also understand: Common security and network terminology TCP/IP addressing, routing and internetworking concepts Security authorization and authentication concepts Common elements of WAN and LAN environments.
  • In addition, students should be proficient in: Basic PC operation and application skills, including MS Windows Basic Web browser operation (Internet Explorer is used in class)

Topics Covered

  • Setting Up the BIG-IP System
  • AFM Overview and Network Firewall
  • Logs
  • IP intelligence
  • Device DoS
  • Reports
  • DoS Whitelists
  • DoS Sweep Flood Protection
  • DNS Firewall
  • DNS DoS
  • SIP DoS
  • Network Firewall iRules
  • DoS iRules
  • Additional Training and Certification