• |

SSL Inspection 4

For training/certification requests or questions,
contact: training@a10networks.com

All courses: System Administration 4Application Delivery Control 4 | Carrier Grade NAT 4 | SSL Inspection 4 | Threat Protection System 3

Course Description

This course provides users with the necessary skills to implement a system for inspection of SSL traffic.

 

Objectives

From two ACOS devices pre-configured in a Layer 3 base environment, students learn how to configure SSLi and the concepts behind how SSLi works:

  • SSLi Concepts
  • SSLi Configuration
  • SSLi Bypass Features
  • SSLi Troubleshooting

 

Class Structure

  • Classroom Discussion     50%
  • Lab Exercises     50%

 

Prerequisites

  • OSI reference model
  • Network topology and administration
  • An industry standard switching and routing CLI

 

Audience

  • Network Operations (NetOps)
  • Development Operations (DevOps)
  • Network Security (NetSec)
  • Architects (Arch)

Outline

TOPIC LAB TIME (Hours)

SSLi Overview

SSLi Concepts
SSLi Traffic Flow
SSLi Requirements
Deployment Topologies

 X 0.5

Configuring the Internal SSLi Device

Access-List configuration
VLAN configuration
Server configuration
Service Group configuration
client-ssl template configuration
Wildcard VIP configuration

 0.5

Configuring the External SSLi Device

Access-List configuration
VLAN configuration
Server configuration
Service Group configuration
server-ssl template configuration
Wildcard VIP configuration

 X 1.5

SSLi Bypass Features

Static Bypass
Web Category Bypass
SNI Support

 0.5

SSLi with Explicit Proxy

Explicit Proxy Overview
SSLi with Explicit Proxy
Explicit Proxy Configuration

 0.5

Other Features

Static Port Intercept
Dynamic Port Intercept
ICAP
AppCentric Template

 X 1.5

SSLi Troubleshooting

Examining Traffic Flow
AXDebug
Show Techsupport

 X 1.0