Skip to content

Commit

Permalink
Adding Class9
Browse files Browse the repository at this point in the history 
For Policy Supervisor
  • Loading branch information
@lesleycw
lesleycw committed Dec 4, 2023
1 parent c64d129 commit 22975d3
Show file tree
Hide file tree
Showing 4 changed files with 737 additions and 0 deletions.
38 changes: 38 additions & 0 deletions docs/class9/class9.rst
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
F5 Distributed Cloud - Introduction to Deployment Models and Services
=========================================================================

Welcome
-------

In this lab, attendees will be introduced to the F5 Distributed Cloud Services platform. Attendees will create proxy services for publishing and securing
applications that are served by both public and private endpoints. Attendees will also explore the DNS, Observability, and CDN capabilities of the platform.

Objectives:
----------

- Gain an understanding of deploying proxy services to securely deliver an application with a public endpoint
- Gain an understanding of viewing telemetry data and utilizing it to tune WAAP policies
- Gain an understanding of how to deploy a site for providing connectivity to a private endpoint
- Gain an understanding of DNS, Observability, and CDN
- Gain an understanding of Multi-Cloud Networking (MCN) connectivity features (i.e. AWS, Azure, and Google)

Lab & Tasks:
------------

The next page (Introduction) will cover the lab environment, access, and lab variables. The lab will be using a shared AWS account where we have deployed the following resources:

- NGINX webserver that is exposed to the Public internet ("Public Endpoint")
- F5 Distributed Cloud site node that can be used to connect to AWS VPC (network)
- NGINX webserver that only has a private IP address with no external access

During the lab exercises we will explore different methods of protecting and exposing applications/webserver
that are included in the lab

.. toctree::
:maxdepth: 2
:caption: Labs:
:glob:

intro*
lab*
close*
62 changes: 62 additions & 0 deletions docs/class9/close.rst
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
Conclusion
==========

Thank you for your participation in the F5 Distributed Cloud Lab.
This Lab Guide has highlighted how attendees can leverage F5 Distributed
Cloud security to protect hosted applications and resources.

Appendix
========
**F5 Distributed Cloud Platform**:
* **Overview**: https://www.f5.com/cloud/products/platform-overview
* **Documentation Portal**: https://docs.cloud.f5.com/docs/
* **Services**: https://docs.cloud.f5.com/docs/services
* **Concepts**: https://docs.cloud.f5.com/docs/ves-concepts

**F5 Distributed Cloud Web Application Firewall (WAF)**:
* **Intro**: https://www.f5.com/cloud/products/distributed-cloud-waf
* **How to**: https://docs.cloud.f5.com/docs/how-to/app-security/web-app-firewall

**F5 Distributed Cloud BotDefense**:
* **Intro**: https://www.f5.com/cloud/products/bot-defense
* **How to**: https://docs.cloud.f5.com/docs/how-to/advanced-security/bot-defense

**F5 Distributed Service Policies**:
* **How to**: https://docs.cloud.f5.com/docs/how-to/app-security/service-policy
* **How to**: https://docs.cloud.f5.com/docs/how-to/advanced-security/configure-ip-reputation

**Automation/Orchestration**:
* **API:** https://docs.cloud.f5.com/docs/api
* **Terraform:** https://registry.terraform.io/providers/volterraedge/volterra/latest

+----------------------------------------------------------------------------------------------+
| F5 Networks, Inc. \| f5.com |
+----------------------------------------------------------------------------------------------+

+----------------------------------------------------------------------------------------------+
| US Headquarters: 801 5th Ave, Seattle, WA 98104 \| 888-882-4447 |
| |
| Americas: [email protected] |
| |
| Asia-Pacific: [email protected] |
| |
| Europe/Middle East/Africa: [email protected] |
| |
| Japan: [email protected] |
| |
| ©2017 F5 Networks, Inc. All rights reserved. F5, F5 Networks, and the F5 logo are trademarks |
| |
| of F5 Networks, Inc. in the U.S. and in certain other countries. Other F5 trademarks are |
| |
| identified at f5.com. Any other products, services, or company names referenced herein may |
| |
| be trademarks of their respective owners with no endorsement or affiliation, express or |
| |
| implied, claimed by F5. These training materials and documentation are F5 Confidential |
| |
| Information and are subject to the F5 Networks Reseller Agreement. You may not share these |
| |
| training materials and documentation with any third party without the express written |
| |
| permission of F5. |
+----------------------------------------------------------------------------------------------+
155 changes: 155 additions & 0 deletions docs/class9/intro.rst
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,155 @@
Introduction: Accessing F5 Distributed Cloud Console
====================================================

Welcome to this F5 Distributed Cloud Lab. The following tasks will guide you through the initial
access requirements for this multi-part lab. Lab attendees should have received an invitation
email to the lab environment based on the submitted registration email. Please check email and
spam folders if it has not been received. If you have not received an email, please contact a
member of the lab team.

F5 Distributed Cloud Console where this lab will be conducted, is a SaaS control-plane for
services that provides a UI and API for managing network, security, and compute services. The F5
Distributed Cloud Console can manage "sites" in existing on-premises data centers and sites in
AWS, Azure, and GCP cloud environments.

Task 1: Lab Environment
~~~~~~~~~~~~~~~~~~~~~~~

+----------------------------------------------------------------------------------------------+
| The image below represents an overview of the lab environment. F5 Distributed Cloud Services |
| |
| will be configured as a SaaS Edge delivery and security service tier to a publicly hosted web|
| |
| application. Key elements lab attendees will interact with are as follows: |
| |
| * **F5 Distributed Cloud Console** |
| * **F5 Distributed Cloud Global Network / Application Delivery Network (ADN)** |
| * **Publicly hosted application (Public Cloud)** |
+----------------------------------------------------------------------------------------------+
| |intro001| |
+----------------------------------------------------------------------------------------------+

Task 2: F5 Distributed Cloud Console Login
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

The following will guide you through the initial Lab environment access within the
F5 Distributed Cloud Console. You should have received an email with an invitation to
access a F5 Distributed Cloud Tenant. The email will come from **[email protected]**.

The name of the F5 Distributed Cloud tenant that we will be using is **f5-xc-lab-sec**
Additionally, the following are important elements of this lab and will be used throughout the
lab tasks that follow.

* F5 Distributed Cloud Console: **https://f5-xc-lab-sec.console.ves.volterra.io/**
* Delegated Domain: **lab-sec.f5demos.com**

After following the invitation email's to **Update Password**, proceed to the first step below.

+----------------------------------------------------------------------------------------------+
| 1. Please log into F5 Distributed Cloud Lab Tenant with your user ID (email) and password. |
| |
| **https://f5-xc-lab-sec.console.ves.volterra.io/** |
| |
| 2. When you first login, accept the Lab tenant EULA. Click the check box and the click |
| |
| **Accept and Agree**. |
| |
| 3. Select all persona roles and click **Next** to see all the various configuration options. |
| |
| Personas can be changed anytime if desired. |
| |
| 4. Click **Advanced** to expose more menu options and the **Get Started** to begin. You can |
| |
| change this setting after logging in as well. |
| |
| 5. Several **Guidance ToolTips** will appear, you can safely close these out. |
+----------------------------------------------------------------------------------------------+
| |intro002| |
| |
| |intro003| |
| |
| |intro004| |
| |
| |intro005| |
+----------------------------------------------------------------------------------------------+

+----------------------------------------------------------------------------------------------+
| 6. You can adjust your work domains and skill level (not required) by clicking on the |
| |
| **Account** icon in the top right of the screen and then clicking on **Account Settings**.|
| |
| 7. In the resulting window you can observe the **Work domains and skill level** section and |
| |
| other administrative functions. |
| |
| .. note:: |
| *For the purposes of this lab, permissions have been restricted to lab operations. As a* |
| |
| *some menus will be locked and not visible.* |
+----------------------------------------------------------------------------------------------+
| |intro006| |
| |
| |intro007| |
+----------------------------------------------------------------------------------------------+

+----------------------------------------------------------------------------------------------+
| 8. Namespaces, which provide an environment for isolating configured applications or |
| |
| enforcing role-based access controls, are leveraged within the F5 Distributed Cloud |
| |
| Console. For the purposes of this lab, each lab attendee has been provided a unique |
| |
| **namespace** which you will defaulted to (in terms of GUI navigation) for all tasks |
| |
| performed through the course of this lab. |
| |
| 9. Click on the **Select Service** in the left-hand navigation. In the resulting fly out |
| |
| navigation, click **Web App & API Protection**. |
| |
| 10. In the **Web App & API Protection** configuration screen observe the URL. In the URI |
| |
| path, locate the **<adjective-animal>** namespace that you have been assigned. It will be|
| |
| located in the portion of the URI path between */namespaces/* and */overview/* as shown |
| |
| in this example **…/namespaces/<namespace>/overview/…**. Note the namespace as it will |
| |
| be used throughout the lab tasks that follow. |
| |
| .. note:: |
| *Administratively, there are other ways to find namespaces. Due to access and permission* |
| |
| *restrictions for this particular lab, those menus are not available.* |
+----------------------------------------------------------------------------------------------+
| |intro008| |
| |
| |intro009| |
+----------------------------------------------------------------------------------------------+

+----------------------------------------------------------------------------------------------+
| **Beginning of Lab:** You are now ready to begin the lab, Enjoy! Ask questions as needed. |
+----------------------------------------------------------------------------------------------+
| |labbgn| |
+----------------------------------------------------------------------------------------------+

.. |intro001| image:: _static/intro-001.png
:width: 800px
.. |intro002| image:: _static/intro-002.png
:width: 800px
.. |intro003| image:: _static/intro-003.png
:width: 800px
.. |intro004| image:: _static/intro-004.png
:width: 800px
.. |intro005| image:: _static/intro-005.png
:width: 800px
.. |intro006| image:: _static/intro-006.png
:width: 800px
.. |intro007| image:: _static/intro-007.png
:width: 800px
.. |intro008| image:: _static/intro-008.png
:width: 800px
.. |intro009| image:: _static/intro-009.png
:width: 800px
.. |labbgn| image:: _static/labbgn.png
:width: 800px
Loading

0 comments on commit 22975d3

Please sign in to comment.