General Flashcards

1
Q

ASM

A

Application Security Manager is a web application firewall which protects web apps through automated policy development, enforcement, and reporting.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
2
Q

APM

A

Access Policy Manager provides:

  • SSL VPN
  • Site-to-site IPsec VPN
  • SSO via Kerberos ticketing and SAML 2.0
  • IdP (SAML) Chaining
    *
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
3
Q

GTM

A

A global load balancing solution, GTM improves access to applications by securing and accelerating Domain Name resolution.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
4
Q

AFM

A

Advanced Firewall Manager is a stateful full proxy firewall intended for data center protection. Released as a module with BIG-IP v11.3, AFM appears as “Secure” panel in configuration utility.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
5
Q

LTM

A

LTM provides intelligent traffic management for rapid application deployment, optimization, load-balancing, and offloading.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
6
Q

APM

A

Access Policy Manager provides valuable insight and control over who is on the network and what applications they are using.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
7
Q

AAM

A

Application Acceleration Manager speeds up application delivery and controls the growth of bandwidth demands, particularly for video.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
8
Q

LC

A

BIG-IP Link Controller puts you in control by monitoring the performance and availability of each ISP link, helping you keep ISP costs down. It dynamically directs inbound and outbound connections over the best possible link and improves application performance by prioritizing and optimizing traffic.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
9
Q

PEM

A

Policy Enforcement Manager allows service providers to understand subscriber behavior, create tailored service plans, and improve service quality.

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
10
Q

ADF

A

Application Delivery Firewall (ADF) is an ammalgamation of:

  • (AFM) Advanced Firewall Manager
  • (APM) Access Policy Manager
  • (ASM) Application Security Manager
  • (LTM) Local Traffic Manager
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
11
Q

HTTP Class Profile

A
  • Use HTTP Class profiles when it is possible to classify HTTP traffic using simple strings or regex patterns. More complex operations, may need to use an iRule.
  • starting with 11.4 HTTP Class profiles are replaced by Local Traffic Policies

[{source]](http://support.f5.com/kb/en-us/solutions/public/7000/200/sol7280.html)

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
12
Q

OneConnect profile

A
  • increase efficiency by reusing connections to pool members
  • uses HTTP Keep-Alives to maintain connections
  • must use SNAT or SNAT Automap
  • OneConnect is not recommended for FTP, RTSP. Some TCP protocols may require an iRule to handle connection reuse. Best suited to protocols where transaction boundaries are well defined
  • when an HTTP client sends multiple requests within a single connection, OneConnect also allows the BIG-IP to process each HTTP request individually. without OneConnect load-balancing is performed once per TCP connection

[source]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly
13
Q

HTTP 1.0 vs. HTTP 1.1

A
  • HTTP 1.0 keepalves are disabled by default, HTTP 1.1 keepalives are enabled by default
    *
How well did you know this?
1
Not at all
2
3
4
5
Perfectly
14
Q

Stream Profile

A
  • Stream profile performs a search and replace procedure for all occurrences of a string in a data stream
  • use the Stream profile with any TCP traffic
  • when used with HTTP profile search/replace is performed on the HTTP payload
  • when used without HTTP profile search/replace is performed on the entire data portion of each TCP segment
  • Stream profile also works when the string to be replaced is split across multiple TCP segments
  • Since the Content-Length header is proxied to the server before the Stream replacements are performed, there is no way to adjust the reported content length. With stream profile chunking is mandatory.
  • Not comatible with server-side compression because compressed data cannot be searched.
  • by default stream matches are case sensitive, for case-insensitive apply a basic regex construct
  • all replacements in a single pass, replaced data will not rematch
  • in order for an iRule to call the Stream profile apply the default Stream profile to the virtual (with all parameters blank)
  • to prevent replacements on binary data, HTTP must be restricted to rewritable content types, e.g. Content-Type: text/*

​[source]

How well did you know this?
1
Not at all
2
3
4
5
Perfectly