A10TPS3.1 - TPS 3.1

Overview

Duration: 2.0 days

Instructs Network Operations, Development Operations, Network Security, and Architects on implementing an effective threat protection system for A10 ACOS deployments in data center environment.

Objectives

• Use a Galaxy to orchestrate TPS devices
• Monitor traffic and detect attacks
• Configure and apply mitigation strategies against the following DDoS attacks
  • Volumetric
  • protocol
  • Reflection
  • Resource

• Generate reports
• Examine network traffic at the packet level

Content

TPS Deployment

• Types of DDoS Attacks
• TPS Deployment Modes
• High Availability

DDoS Mitigation

• Protection Layers
• Protected Objects
• Traffic Software Scrubbing Process
• Mitigation Tables
• Black / White Lists
• Using aFlex Scripts

Traffic Rate Limiting

• Defaut Traffic Rate Limits
• Traffic Rate Interval
• Custom Traffic Rate Limits
• Templates
• Precedence of DDoS Settings
• Rate-Limiting by Class-List
• Rate-Limiting by Geo-Location

TPS Mitigation Strategies 1: Volumetric Attacks

• TCP SYN Flood
• TCP SYN Cookie
• TCP Anomalies
• DNS Attacks
• NTP Attacks

TPS Mitigation Strategies 2: Protocol Attacks

• IP Protocol Attacks
• ICMP Protocol Attacks
• TCP Protocol Attacks
• HTTP Protocol Attacks
• SSL Attack Mitigation

TPS Mitigation Strategies 3: Resource Attacks

• Slowloris
• Slow Read Attacks
• SLow Post Attacks

Monitoring & Debugging

• sFlow
• Using axdebug

Audience

• Network Operations (NetOps)
• Development Operations (DevOps)
• Network Security (NetSec)
• Architects (Arch)

Prerequisites

• OSI reference model
• Network topology and administration

Certification

This course is not associated with any Certification.