- 1、本文档共133页,可阅读全部内容。
- 2、有哪些信誉好的足球投注网站(book118)网站文档一经付费(服务费),不意味着购买了该文档的版权,仅供个人/单位学习、研究之用,不得用于商业用途,未经授权,严禁复制、发行、汇编、翻译或者网络传播等,侵权必究。
- 3、本站所有内容均由合作方或网友上传,本站不对文档的完整性、权威性及其观点立场正确性做任何保证或承诺!文档内容仅供研究参考,付费前请自行鉴别。如您付费,意味着您自己接受本站规则且自行承担风险,本站不退款、不进行额外附加服务;查看《如何避免下载的几个坑》。如果您已付费下载过本站文档,您可以点击 这里二次下载。
- 4、如文档侵犯商业秘密、侵犯著作权、侵犯人身权等,请点击“版权申诉”(推荐),也可以打举报电话:400-050-0827(电话支持时间:9:00-18:30)。
查看更多
F5 BIGIP LTM原厂培训资料-1
What is FIPS? FIPS 140-2 standard : “Security Requirements for Cryptographic Modules”. Standard SSL Server Keys? Can’t login to Servers, can’t get at keys. Isn’t Standard SSL good enough? Want keys in tamper-proof hardware. Who needs FIPS-140? Companies regulated by U.S. government Configuring FIPS Epoxied card Switch (MOI) Card Reader Change Key Note – old picture Generate Certificate Create SSL Profile Point VS to Profile SSL Termination Labs Client SSL : Generate Certificate Custom Client SSL profile vs_ssl 10.10.X.102:443 using Client SSL profile Test: Connect :443 to :80 web? Server SSL (Optional): Custom Server SSL profile vs_ssl using both Client and Server SSL profiles Test again: Internet 10.10.X.102:443 80 7 Course Outline Installation Load Balancing Health Monitors Profiles Persistence Processing SSL Traffic Lab Project NATs and SNATs iRules Redundant Pair High Availability Maintaining BIG-IP LTM Day 1 Day 2 Let’s look at insert mode cookie persistence in more detail: Client connects the first time: the web browser has yet to receive a cookie for this site. BIG-IP detects that no cookie is present, and forwards the connection to the most appropriate available node. The node issues its http reply to the client. BIG-IP inserts a cookie with the appropriate expiration value and specific node information. Client connects back a second time. This time the web browser inserts the cookie in its http request. BIG-IP reads the cookie, and forwards the connection to the specified server The node issues its http reply to the client. BIG-IP updates the expiration value in the cookie. The advantage of insert mode cookie persistence is that the web servers remain untouched. The drawback is that the BIG-IP controller has an increased workload. Note that the BIG-IP controller is unable to forward the incoming connection to the appropriate node until it receives the cookie. As such, it needs to perform the initial TCP handshake with the connecting client.
您可能关注的文档
- C程序设计9--预处理命令.ppt
- cs4398的lpf电路 - 音响DIY论坛.doc
- CRTS1无砟轨道控制要点及易出问题-1.doc
- C获取MP3文件信息.doc
- C经典程序_整数在2到16进制之间任意转换的程序.doc
- C语言程序设计期末考试试卷1.doc
- C智能小车2011电子设计大赛C题论文___智能小车__C8051F320单片机控制__C语言.doc
- D1地块桩基竣工报告.doc
- c语言上机练习100题.doc
- D8简易逻辑分析仪.doc
- 温州市重点中学2025年初三生物试题下学期第一次联考试卷含解析.doc
- 2025年浙江杭州余杭区初三第二次调研联考生物试题试卷含解析.doc
- 江苏省苏州市吴中学、吴江、相城区市级名校2025届全国初三大联考生物试题含解析.doc
- 吉林省德惠市达标名校2025届中考生物试题山东卷冲刺训练解析含解析.doc
- 2025年江西省抚州市宜黄县初三第一次诊断生物试题试卷含解析.doc
- 陕西省工大、铁一、交大重点达标名校2024-2025学年初三冲刺模拟生物试题含解析.doc
- 山西省河曲实验中学2025年高中毕业生二月调研测试生物试题含解析.doc
- 浙江省嘉兴市嘉善县市级名校2025年中考生物试题命题比赛模拟试卷(31)含解析.doc
- 重庆市渝北区名校2025年初三毕业班第一次质量检测试题生物试题模拟试题含解析.doc
- 白银市重点中学2025年初三联考B卷生物试题含解析.doc
文档评论(0)