+ Reply to Thread
Results 1 to 20 of 20
  1. Woohoo! It's over 1000!
    Join Date
    Aug 2015
    Location
    Australia
    Posts
    1,680

    Certifications
    RHCSA, Linux+, ACSA, ACTC, ACSP, MCSA:7, MCTS, ITIL F, Prince2 Pract, AgilePM Practioner, VCP-DCV, Storage+, CCNA R+S, CCNA Sec, Security+, CEH, CASP
    #1

    Default F5 Certifications - how to prepare?

    I've been looking at systems/networking jobs, and F5 comes up a lot. I've not touched F5 at all, so I was thinking it might be a good idea to get some knowledge so that I can at least say I know something.

    F5 has some free training on their website, which I intend to go through. But reports are that it is far from sufficient to get even basic certification. I got pricing for live classroom training, and it was more than I am willing to spend.

    So I am left with options for self study, but have honestly no idea where to start.

    Are there any good, current, books people can recommend?
    Any good, cheap, online training?
    Any cheap videos?
    Should I be labbing this?
    How to set up a cheap lab?

    By cheap I mean, maybe $100's (or less) but not $1000's.
    2017 Goals - MCSA 2008, CISSP, CCNP:R+S, Agile PM
    Reply With Quote Quote  

  2. SS -->
  3. Senior Member
    Join Date
    Dec 2010
    Posts
    357

    Certifications
    VCA5-DCV, CEH, ECSA, CHFI, ITILv3, CND
    #2
    I'm interested to know too.
    Working on:
    1) MCSA 2012 - 410
    2) Cisco Cyber Ops 210-250 (SECFND)
    Reply With Quote Quote  

  4. Senior Member
    Join Date
    Mar 2012
    Location
    Texas
    Posts
    125
    #3
    I've recently started working with F5's in my current job. It's a different animal. Unless there is a simulator it is going to be hard to learn about the F5 w/out working on it directly. There are also different modules.

    There are Linux based load balancers out there you can load and play with and it will give you some idea of how they work but the actual working of the F5 beyond reading about it will be hard to pick up.

    Possibly if your serious about the cert which I think it is worthwhile you can find a used one and practice on it. Maybe ask F5 for a temp license.
    Reply With Quote Quote  

  5. Achieve excellence daily
    Join Date
    May 2012
    Location
    Washington State
    Posts
    1,341

    Certifications
    CISSP
    #4
    I have the F5 Certified Admin cert. I don't know of any free online training for F5 products. Labs can be done with a VM license from CDW - it's about $100.

    I don't know if you could pass the exams with just F5 docs and a VM. I have been working on F5's for about 4 years and attended F5 Admin, F5 ASM and F5 APM training.
    When you go the extra mile, there's no traffic.
    Reply With Quote Quote  

  6. Achieve excellence daily
    Join Date
    May 2012
    Location
    Washington State
    Posts
    1,341

    Certifications
    CISSP
    #5
    Here are the study guides for the two exams you need in order to become a Big-IP Admin
    101: https://www.f5.com/pdf/certification..._Guide_101.pdf
    201: https://www.f5.com/pdf/certification..._Guide_201.pdf

    You must pass both of these exams before you can take any of the 300 series exams.
    When you go the extra mile, there's no traffic.
    Reply With Quote Quote  

  7. Senior Member
    Join Date
    Aug 2013
    Location
    Dallas TX
    Posts
    279

    Certifications
    A+, N+, S+, CSA+, MCP,MSM ISS, MS DFS, BS IT, AAS CNS
    #6
    I taught F5 for about a month or two and was working through the certification process. The 101 cert is basically a glorified Network+ exam. The 202 is more focused on F5 products themselves. I should've kept the manuals for the classes, but was just never really interested in F5
    Reply With Quote Quote  

  8. Are we having fun yet? UnixGuy's Avatar
    Join Date
    Mar 2008
    Posts
    3,327

    Certifications
    GCFA, eJPT, RHCE, Solaris 10, SNIA SCSP, Security+, Server+, ITILv3, CCNA (Expired)
    #7
    I would say it's hard to get the training without having a day to day job that uses f5. Employers ask for it true, but you can pick it up easily.

    Your best bet would be to find something in cbt nuggets or udemy or something. Do the free trainings on f5 website to get an idea of the different, that should set you apart from candidates who never touched f5.
    Goal: GCFA (DONE), GPEN
    Reply With Quote Quote  

  9. Senior Member
    Join Date
    Oct 2016
    Location
    NJ
    Posts
    312

    Certifications
    CCNP R&S, CCNA(Security/Data Center), PCNSE 7, MCITP: Exchange 2010
    #8
    Routehub.net has a good course on it to get you started and the LAB VM that NotHackingYou mentioned is helpful for learning. Maybe buy 2 that way you can setup High Availability
    Reply With Quote Quote  

  10. Senior Member PocketLumberjack's Avatar
    Join Date
    Oct 2015
    Posts
    142

    Certifications
    CCENT, CompTIA N+, ITIL Foundation
    #9
    I've looked at their free stuff and it looks pretty comprehensive. I haven't tried it but there is an F5 add-in for GNS3. I have been thinking about this one because my place of work has "a fleet of F5 boxes."
    2017 Goals:
    (X) CCENT ( ) First 1/2 of CCNA CyberOps ( ) Complete 1/2 of WGU BS CIA
    Not Started| In Progress |Done
    C182 C836 C779 C393 C394 C173 C837 C178 C838 C175 C170 C176 C839 C840 C841 C842 C843 C844 C845 C769
    Reply With Quote Quote  

  11. Woohoo! It's over 1000!
    Join Date
    Aug 2015
    Location
    Australia
    Posts
    1,680

    Certifications
    RHCSA, Linux+, ACSA, ACTC, ACSP, MCSA:7, MCTS, ITIL F, Prince2 Pract, AgilePM Practioner, VCP-DCV, Storage+, CCNA R+S, CCNA Sec, Security+, CEH, CASP
    #10
    OK, so so far I've got the impression that:

    Hands on (probably real world) experience is a requirement for the certification
    The first exam isn't too tough
    There is a lab VM available for about $96 from CVM
    There is a 200 minute course from routehub.net for $75 which also goes through setting up a lab
    The free online training at f5 is pretty good
    There are ~100pp free study guides from f5

    So it looks like for under $300, I can get a good lab set up, plus an online course, plus free resources from F5, but to pass exam 2 (TMOS) I'll need good hands on. Seems doable, and as UnixGuy suggests, even getting only some knowledge will be useful.

    Are there any current, good books?
    2017 Goals - MCSA 2008, CISSP, CCNP:R+S, Agile PM
    Reply With Quote Quote  

  12. Senior Member mbarrett's Avatar
    Join Date
    Apr 2016
    Location
    DC
    Posts
    338

    Certifications
    CISSP CEH CCNP Security
    #11
    Quote Originally Posted by jeremywatts2005 View Post
    I taught F5 for about a month or two and was working through the certification process. The 101 cert is basically a glorified Network+ exam. The 202 is more focused on F5 products themselves. I should've kept the manuals for the classes, but was just never really interested in F5
    I went to a couple of the Big-IP Admin classes, and the 101 is just basic networking but the 201 is all TMOS, which is the F5 CLI language. Both tests are required for the Big-IP Administrator certification which is their entry-level cert.
    Not sure where to get the necessary training though, I would start with the Exam study guides on the F5 University site.
    Reply With Quote Quote  

  13. Achieve excellence daily
    Join Date
    May 2012
    Location
    Washington State
    Posts
    1,341

    Certifications
    CISSP
    #12
    There are sample exams on F5 as well. If I recall, both exams had questions that were specific to TMOS and networking. Questions are very detailed and require you to have a good knowledge of how to configure something and how it will work.

    I would encourage you to take TCPDumps on each side of the F5 after setting up a VIP. Examine the packet (especially src/dst IP) on each side of the F5. Understand how the different options in the virtual server will manipulate the packet on egress of the F5. Especially understand the different types of SNAT, how to override the next pool member, how a node is selected for different load balancing types, etc.
    When you go the extra mile, there's no traffic.
    Reply With Quote Quote  

  14. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #13
    I am the F5 person at my job. Truth be told the project was given to me without any prior load balancing experience, and I was able to figure it out. I watched their videos and read a lot of white pages, but without actually working on the equipment I'm not sure how one would be able to learn much. It's not that hard (although you can get crazy with it but we do not). You've got back end servers you want load balanced. So, you make an F5 virtual server with a virtual IP (which is used as the DNS entry IP in whatever you use for DNS) and listen in on certain ports (80, 443, etc), and send the traffic to the actual servers. There's SNATs, SSL off loading, custom monitors, active/standby configs to learn and more but it's really not that hard.
    Reply With Quote Quote  

  15. Member
    Join Date
    Feb 2016
    Posts
    86

    Certifications
    A+ CE, Security+ CE, GSEC
    #14
    I'm new to my position (about 7 months in), but F5 has been a big part. I've done all of the free F5 trainings, and while helpful, they really don't come anywhere near the actual management of the device. So far, the only real training course I've done has been for ASM. The whole thing is just a beast, I really don't know how someone could learn it without having hands on every day. If you find more resources, I'd be interested to know them as well.
    Reply With Quote Quote  

  16. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #15
    Are you sure the F5 certification is something you want? I see tons of network engineer jobs asking for the skill set, but none ask for the certificate itself. If you want the cert to gain the skill, that makes sense but it will be tough. I know they have virtual F5s (our server guy used them when testing his Exchange 2016 stuff) but not sure how you would go about getting them.

    In my case, I know we could be doing more advanced monitors, and we only have LTM as well. I hardly ever touch the things as we do not spin up new apps/services a lot (company of 3000). Lot of work went into the project, and now it just runs itself. I did change out an expiring cert today though, but unless the job was solely load balancing or the company was very large, I do not think there's a lot of everyday config going on for most people who do the load balancing at their place of work.

    I had the luxury of having 4 F5s sitting brand new in boxes while our ACE's were still in production, and built labs and learned hands on. So when implementation time came, there wasn't a real surprise. I ran into one problem I'll share here. When you create a Virtual Server in a disabled state with a unique IP, it will create separate object for that IP that is in an enabled state. This was a problem for me, because this causes the F5 to send a gratuitous ARP. Now everything for X application went to the F5 (which had the VS in a disabled state) instead of the ACE, and I did this in the middle of the day. Totally did not expect this behavior, caused me some grief and I did it TWICE! Never again!
    Reply With Quote Quote  

  17. Achieve excellence daily
    Join Date
    May 2012
    Location
    Washington State
    Posts
    1,341

    Certifications
    CISSP
    #16
    Quote Originally Posted by globalenjoi View Post
    I'm new to my position (about 7 months in), but F5 has been a big part. I've done all of the free F5 trainings, and while helpful, they really don't come anywhere near the actual management of the device. So far, the only real training course I've done has been for ASM. The whole thing is just a beast, I really don't know how someone could learn it without having hands on every day. If you find more resources, I'd be interested to know them as well.
    I agree totally. ASM would be very difficult to grasp without at a minimum some prior F5 experience. ASM is a huge product.
    When you go the extra mile, there's no traffic.
    Reply With Quote Quote  

  18. Woohoo! It's over 1000!
    Join Date
    Aug 2015
    Location
    Australia
    Posts
    1,680

    Certifications
    RHCSA, Linux+, ACSA, ACTC, ACSP, MCSA:7, MCTS, ITIL F, Prince2 Pract, AgilePM Practioner, VCP-DCV, Storage+, CCNA R+S, CCNA Sec, Security+, CEH, CASP
    #17
    Quote Originally Posted by hurricane1091 View Post
    Are you sure the F5 certification is something you want? I see tons of network engineer jobs asking for the skill set, but none ask for the certificate itself.
    One advantage for following the certification track is that it's a good way to ensure that I've covered all the bases. Even if I don't get a certification, it's a good starting place.

    When you learn just by doing, what you learn is skewed by the environment you are working in. If you make heavy use of some features and no use of others, you end up with an unbalanced knowledge: very deep in some areas and very shallow in others. So you end up with blind spots, which affect troubleshooting and your approach to design.

    And in the end, if I do learn enough to get a certification, it's nice to verify those competencies independently.
    2017 Goals - MCSA 2008, CISSP, CCNP:R+S, Agile PM
    Reply With Quote Quote  

  19. Woohoo! It's over 1000!
    Join Date
    Aug 2015
    Location
    Australia
    Posts
    1,680

    Certifications
    RHCSA, Linux+, ACSA, ACTC, ACSP, MCSA:7, MCTS, ITIL F, Prince2 Pract, AgilePM Practioner, VCP-DCV, Storage+, CCNA R+S, CCNA Sec, Security+, CEH, CASP
    #18
    Quote Originally Posted by NotHackingYou View Post
    I agree totally. ASM would be very difficult to grasp without at a minimum some prior F5 experience. ASM is a huge product.
    This is very good to know, since LTM and ASM are the two things I see come up the most. It looks like the official training courses for both are about the same length, although the ASM does seem to suggest that LTM knowledge is useful. A lot of the training providers bundle their Administrator and LTM courses into 5 days, so it seems that is a logical place to start, with the rest being "add ons".
    2017 Goals - MCSA 2008, CISSP, CCNP:R+S, Agile PM
    Reply With Quote Quote  

  20. Senior Member
    Join Date
    May 2014
    Location
    NJ
    Posts
    849

    Certifications
    CCNP: R&S, CCDA, CCNA: Security, CCNA: R&S, MTA: Networking Fundamentals, Security+, Network+, Linux+, A+, Project+
    #19
    Quote Originally Posted by OctalDump View Post
    One advantage for following the certification track is that it's a good way to ensure that I've covered all the bases. Even if I don't get a certification, it's a good starting place.

    When you learn just by doing, what you learn is skewed by the environment you are working in. If you make heavy use of some features and no use of others, you end up with an unbalanced knowledge: very deep in some areas and very shallow in others. So you end up with blind spots, which affect troubleshooting and your approach to design.

    And in the end, if I do learn enough to get a certification, it's nice to verify those competencies independently.
    I understand this, and you do not have to look any further than my knowledge due to the CCNP vs the other network engineer's here without it. It appears that older F5 BIG-IP appliances can be picked up on eBay for rather cheap (amazing how this crap depreciates, we just paid 80k for 5 F5 appliances w/ support). I have no idea the functionality they provide or if they run the latest code though, and won't even speculate.

    Make no mistake, I know there's so much more to know about the F5 LTM. I never really fathom a scenario where I'll be doing F5 stuff every single day, so I guess I just take what I know and accept it. This is just a personal thing, where I have the feeling that my knowledge of networking is what will land me a job, with the F5 knowledge icing on the cake that I can further improve if need be. I most certainly feel better about myself with routing/switching because I know the ins/outs, so if you are up to the task for the F5 certs - for sure have a go at them. Especially if you do not have the chance to do them at your current job, you need to learn somehow. Unfortunately the two jobs I am looking at do not involve me doing load balancers at all, but that's just kind of how the network engineer role is. Some require it, some do not. Some require VoIP knowledge, some do not. Situational thing for sure.
    Reply With Quote Quote  

  21. Tecnomancer trojin's Avatar
    Join Date
    May 2013
    Location
    Ireland
    Posts
    104

    Certifications
    A+,S/S/S+,N+, CASP,CSA+,CCNA R/S & Sec & Cyber OPS, SSCP,EMC NetWorker Specialist,SNIA SCSE,Prince 2,EITCA-IS,F5 BIG-IP CA, Intel Sec NSP
    #20
    Quote Originally Posted by NotHackingYou View Post
    There are sample exams on F5 as well. If I recall, both exams had questions that were specific to TMOS and networking. Questions are very detailed and require you to have a good knowledge of how to configure something and how it will work.

    I would encourage you to take TCPDumps on each side of the F5 after setting up a VIP. Examine the packet (especially src/dst IP) on each side of the F5. Understand how the different options in the virtual server will manipulate the packet on egress of the F5. Especially understand the different types of SNAT, how to override the next pool member, how a node is selected for different load balancing types, etc.
    Where you found sample questions?
    Reply With Quote Quote  

+ Reply to Thread

Social Networking & Bookmarks