{"course":{"productid":26236,"modality":6,"active":true,"language":"de","title":"Configuring F5 SSL Orchestrator","productcode":"SSLO","vendorcode":"F5","vendorname":"F5 Networks","fullproductcode":"F5-SSLO","courseware":{"has_ekit":false,"has_printkit":true,"language":""},"url":"https:\/\/portal.flane.ch\/course\/f5networks-sslo","objective":"<ul>\n<li>Understand basic use cases for decryption and re-encryption of inbound and outbound SSL\/TLS network traffic<\/li><li>Create dynamic service chains of multiple security services<\/li><li>Configure security policies to enable policy-based traffic steering<\/li><li>Add SSL visibility to existing applications<\/li><li>Deploy SSL Orchestrator configurations based on topology templates<\/li><li>Troubleshoot an SSL Orchestrator deployment<\/li><\/ul>","essentials":"<p>The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:<\/p>\n<ul>\n<li>OSI model encapsulation<\/li><li>Routing and switching<\/li><li>Ethernet and ARP<\/li><li>TCP\/IP concepts<\/li><li>IP addressing and subnetting<\/li><li>NAT and private IP addressing<\/li><li>Default gateway<\/li><\/ul><p>The following course-specific knowledge and experience is suggested before attending this course:<\/p>\n<ul>\n<li>HTTP, HTTPS protocols<\/li><li>TLS\/SSL<\/li><li>Security services such as malware detection, data loss\/leak prevention (DLP), next-generation firewalls (NGFW), intrusion prevention systems (IPS), and Internet Content Adaptation Protocol (ICAP)<\/li><\/ul>","contents":"<ul>\n<li>Compare F5 SSL Orchestration to manual &ldquo;daisy chaining&rdquo; of security services<\/li><li>Learn essentials of PKI and certificates, how to create a certificate signing request, and how to import certificates and private keys into BIG-IP<\/li><li>Implement certificate forging in an SSL Forward Proxy deployment<\/li><li>Understand HTTP, ICAP, L3\/L2, and TAP security services<\/li><li>Configure traffic classification and URL bypass within a security policy<\/li><li>Define security services to include in a dynamic service chain<\/li><li>Use the Guided Configuration to deploy an outbound Layer 3 transparent forward proxy<\/li><li>Use the Guided Configuration to deploy an outbound Layer 3 explicit forward proxy<\/li><li>Use the Guided Configuration to deploy an inbound Layer 3 reverse proxy<\/li><li>Use the Guided Configuration to deploy an SSL Orchestration for an existing application<\/li><li>Configure High Availability for SSLO devices<\/li><li>Troubleshoot SSLO and traffic flow issues<\/li><\/ul>","outline":"<h5>Chapter 1: Introducing SSL Orchestrator  <\/h5><ul>\n<li>Why is SSL Visibility Needed?<\/li><li>SSL Visibility without SSL Orchestrator<\/li><li>The SSL Orchestrator Solution<\/li><li>SSLO Placement on the Network<\/li><li>Platform and Licensing Requirements<\/li><li>Leveraging F5 Support Resources and Tools<\/li><\/ul><h5>Chapter 2: Reviewing Local Traffic Configuration<\/h5><ul>\n<li>Reviewing Nodes, Pools, and Virtual Servers<\/li><li>Reviewing Address and Port Translation<\/li><li>Reviewing Routing Assumptions<\/li><li>Reviewing Application Health Monitoring<\/li><li>Reviewing Traffic Behavior Modification with Profiles<\/li><li>Reviewing the TMOS Shell (TMSH)<\/li><li>Reviewing Managing BIG-IP Configuration Data<\/li><\/ul><h5>Chapter 3: Certificate Fundamentals<\/h5><ul>\n<li>Overview of Internet Security Model<\/li><li>Understanding how Certificates are Used<\/li><li>Using a Certificate in Profiles<\/li><li>SSL Forward Proxy<\/li><li>SSLdump<\/li><\/ul><h5>Chapter 4: SSLO Traffic Flow<\/h5><ul>\n<li>SSL Orchestration is more than Visibility<\/li><li>Inbound\/Outbound Inspection<\/li><li>Flow Support and Cipher Diversity<\/li><li>Broad Topology and Device Support<\/li><li>Dynamic Service Chaining and Policy-based Traffic Steering<\/li><li>Advanced Monitoring<\/li><li>Dynamic Scaling<\/li><li>Dynamic Evaluation<\/li><li>Selecting the Appropriate Topology<\/li><\/ul><h5>Chapter 5: Using SSLO Guided Configuration<\/h5><ul>\n<li>Introducing Guided Configuration<\/li><li>Reviewing the Landing Page<\/li><li>Differentiating Topologies<\/li><li>SSL Configuration<\/li><li>Services and Service Handling<\/li><li>Constructing Service Chains<\/li><li>Creating a Security Policy<\/li><li>Defining an Interception Rule<\/li><li>Examining Egress<\/li><li>Applying Log Settings<\/li><li>Summary page and Deployment<\/li><li>Exploring the Dashboard<\/li><\/ul><h5>Chapter 6: SSLO Deployment Scenarios<\/h5><ul>\n<li>Transparent Forward Proxy<\/li><li>Explicit Forward Proxy<\/li><li>Classroom Lab Environment<\/li><li>Gateway Reverse Proxy (L3 Inbound)<\/li><li>Existing Application<\/li><\/ul><h5>Chapter 7: Managing the SSLO Security Policy<\/h5><ul>\n<li>Review creating Security Policies<\/li><li>View Security Policies<\/li><li>Viewing Per-Request Policies<\/li><\/ul><h5>Chapter 8: Troubleshooting SSLO<\/h5><ul>\n<li>Solving Traffic Flow Issues<\/li><li>Solving Guided Configration(UI) and iAppLX issues<\/li><li>Determining SSLO Version<\/li><li>Troubleshooting using cURL<\/li><li>Viewing Log Files<\/li><li>Capturing Traffic using tcpdump<\/li><li>Backing up SSLO<\/li><li>Deleting a SSLO Configuration<\/li><\/ul><h5>Chapter 9: SSLO High Availability<\/h5><ul>\n<li>Deploying BIG-IP Systems to Achieve High Availability<\/li><li>Establishing Device Trust<\/li><li>Establishing a Sync-Failover Device Group<\/li><li>Synchronizing Configuration Data<\/li><li>SSLO High Availability (HA) Requirements<\/li><li>Installation and Upgrade Cautions<\/li><li>Troubleshooting HA<\/li><\/ul>","summary":"<p>In this 2 day course, students are provided with a functional understanding of how to deploy, test and maintain F5 SSL Orchestrator to optimize the SSL infrastructure, provide security devices with visibility of SSL\/TLS encrypted traffic, and maximize efficient use of that existing security investment.<\/p>\n<p>The course includes lecture, hands-on labs, and discussion about the importance of SSL visability, how F5 SSL Orchestrator supports policy-based management, steering of traffic flows to existing security devices and centralizes the SSL decrypt\/encrypt function through multi-layered security, dynamic service chaining, topology selections and security policies.<\/p>","objective_plain":"- Understand basic use cases for decryption and re-encryption of inbound and outbound SSL\/TLS network traffic\n- Create dynamic service chains of multiple security services\n- Configure security policies to enable policy-based traffic steering\n- Add SSL visibility to existing applications\n- Deploy SSL Orchestrator configurations based on topology templates\n- Troubleshoot an SSL Orchestrator deployment","essentials_plain":"The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:\n\n\n- OSI model encapsulation\n- Routing and switching\n- Ethernet and ARP\n- TCP\/IP concepts\n- IP addressing and subnetting\n- NAT and private IP addressing\n- Default gateway\nThe following course-specific knowledge and experience is suggested before attending this course:\n\n\n- HTTP, HTTPS protocols\n- TLS\/SSL\n- Security services such as malware detection, data loss\/leak prevention (DLP), next-generation firewalls (NGFW), intrusion prevention systems (IPS), and Internet Content Adaptation Protocol (ICAP)","contents_plain":"- Compare F5 SSL Orchestration to manual \u201cdaisy chaining\u201d of security services\n- Learn essentials of PKI and certificates, how to create a certificate signing request, and how to import certificates and private keys into BIG-IP\n- Implement certificate forging in an SSL Forward Proxy deployment\n- Understand HTTP, ICAP, L3\/L2, and TAP security services\n- Configure traffic classification and URL bypass within a security policy\n- Define security services to include in a dynamic service chain\n- Use the Guided Configuration to deploy an outbound Layer 3 transparent forward proxy\n- Use the Guided Configuration to deploy an outbound Layer 3 explicit forward proxy\n- Use the Guided Configuration to deploy an inbound Layer 3 reverse proxy\n- Use the Guided Configuration to deploy an SSL Orchestration for an existing application\n- Configure High Availability for SSLO devices\n- Troubleshoot SSLO and traffic flow issues","outline_plain":"Chapter 1: Introducing SSL Orchestrator  \n\n\n- Why is SSL Visibility Needed?\n- SSL Visibility without SSL Orchestrator\n- The SSL Orchestrator Solution\n- SSLO Placement on the Network\n- Platform and Licensing Requirements\n- Leveraging F5 Support Resources and Tools\nChapter 2: Reviewing Local Traffic Configuration\n\n\n- Reviewing Nodes, Pools, and Virtual Servers\n- Reviewing Address and Port Translation\n- Reviewing Routing Assumptions\n- Reviewing Application Health Monitoring\n- Reviewing Traffic Behavior Modification with Profiles\n- Reviewing the TMOS Shell (TMSH)\n- Reviewing Managing BIG-IP Configuration Data\nChapter 3: Certificate Fundamentals\n\n\n- Overview of Internet Security Model\n- Understanding how Certificates are Used\n- Using a Certificate in Profiles\n- SSL Forward Proxy\n- SSLdump\nChapter 4: SSLO Traffic Flow\n\n\n- SSL Orchestration is more than Visibility\n- Inbound\/Outbound Inspection\n- Flow Support and Cipher Diversity\n- Broad Topology and Device Support\n- Dynamic Service Chaining and Policy-based Traffic Steering\n- Advanced Monitoring\n- Dynamic Scaling\n- Dynamic Evaluation\n- Selecting the Appropriate Topology\nChapter 5: Using SSLO Guided Configuration\n\n\n- Introducing Guided Configuration\n- Reviewing the Landing Page\n- Differentiating Topologies\n- SSL Configuration\n- Services and Service Handling\n- Constructing Service Chains\n- Creating a Security Policy\n- Defining an Interception Rule\n- Examining Egress\n- Applying Log Settings\n- Summary page and Deployment\n- Exploring the Dashboard\nChapter 6: SSLO Deployment Scenarios\n\n\n- Transparent Forward Proxy\n- Explicit Forward Proxy\n- Classroom Lab Environment\n- Gateway Reverse Proxy (L3 Inbound)\n- Existing Application\nChapter 7: Managing the SSLO Security Policy\n\n\n- Review creating Security Policies\n- View Security Policies\n- Viewing Per-Request Policies\nChapter 8: Troubleshooting SSLO\n\n\n- Solving Traffic Flow Issues\n- Solving Guided Configration(UI) and iAppLX issues\n- Determining SSLO Version\n- Troubleshooting using cURL\n- Viewing Log Files\n- Capturing Traffic using tcpdump\n- Backing up SSLO\n- Deleting a SSLO Configuration\nChapter 9: SSLO High Availability\n\n\n- Deploying BIG-IP Systems to Achieve High Availability\n- Establishing Device Trust\n- Establishing a Sync-Failover Device Group\n- Synchronizing Configuration Data\n- SSLO High Availability (HA) Requirements\n- Installation and Upgrade Cautions\n- Troubleshooting HA","summary_plain":"In this 2 day course, students are provided with a functional understanding of how to deploy, test and maintain F5 SSL Orchestrator to optimize the SSL infrastructure, provide security devices with visibility of SSL\/TLS encrypted traffic, and maximize efficient use of that existing security investment.\n\nThe course includes lecture, hands-on labs, and discussion about the importance of SSL visability, how F5 SSL Orchestrator supports policy-based management, steering of traffic flows to existing security devices and centralizes the SSL decrypt\/encrypt function through multi-layered security, dynamic service chaining, topology selections and security policies.","skill_level":"Beginner","version":"1.0","duration":{"unit":"d","value":2,"formatted":"2 Tage"},"pricelist":{"List Price":{"NL":{"country":"NL","currency":"EUR","taxrate":21,"price":1900},"BE":{"country":"BE","currency":"EUR","taxrate":21,"price":1900},"IT":{"country":"IT","currency":"EUR","taxrate":20,"price":1900},"FR":{"country":"FR","currency":"EUR","taxrate":19.6,"price":1900},"GB":{"country":"GB","currency":"USD","taxrate":20,"price":2200},"SI":{"country":"SI","currency":"USD","taxrate":20,"price":2420},"DE":{"country":"DE","currency":"USD","taxrate":19,"price":2640},"CH":{"country":"CH","currency":"USD","taxrate":8.1,"price":2640},"AT":{"country":"AT","currency":"USD","taxrate":20,"price":2640}}},"lastchanged":"2025-09-10T08:17:00+02:00","parenturl":"https:\/\/portal.flane.ch\/swisscom\/json-courses","nexturl_course_schedule":"https:\/\/portal.flane.ch\/swisscom\/json-course-schedule\/26236","source_lang":"de","source":"https:\/\/portal.flane.ch\/swisscom\/json-course\/f5networks-sslo"}}