F5 XC Customer Edge Deployment Mode on AWS

This deployment mode is ideal for scenarios where backend applications are isolated from internet access, providing a secure and private connection to these applications for maximum security and privacy.

In this setup, Customer Edge sites can connect private customer sites to the Distributed Cloud Global Network through IPSEC tunnels initiated from the Distributed Cloud Customer Edge to the nearest two Regional Edge sites, enabling a secure and private link to backend applications.

In this lab, you'll deploy an AWS Elastic Kubernetes cluster configured with a NodePort and attach it as a source to the F5 HTTPS Load Balancer. The F5 HTTPS Load Balancer will connect to the AWS Elastic Kubernetes cluster through an IPSEC tunnel established via the F5 AWS Vnet Site.

All components will be deployed using the vesctl F5 command-line tool. Traffic from the F5 HTTPS Load Balancer will flow across the Distributed Cloud Global Network to an egress Regional Edge and then through an IPSEC tunnel to the Customer Edge site, where it will be directed to the backend application as pure IP-based traffic.

Build expertise in deploying multi-tier applications on AWS and F5 Distributed Cloud using the vesctl command-line tool and Ansible for seamless integration and automation.

Learn to connect F5 Distributed Cloud with AWS Elastic Kubernetes Service (EKS) to securely manage traffic to and from containerized applications, enhancing both security and scalability.

Master the setup of IPSEC tunnels to enable private communication between AWS Elastic Kubernetes clusters and F5 Distributed Cloud, ensuring secure and reliable data exchange.

Discover the advanced capabilities of F5 Distributed Cloud, including:

• Web Application Firewall (WAF) for robust security.
• Bot protection to mitigate malicious traffic.
• API protection for secure API interactions.
• SSL termination for encrypted data transmission.

Implement comprehensive security mechanisms, such as Layer 3 (L3) and Layer 7 (L7) DDoS protection, to defend applications against cyber threats.

Achieve a deep understanding of deploying and securing containerized applications on AWS Elastic Kubernetes Service, leveraging F5 Distributed Cloud's advanced features to provide a secure, scalable, and highly available infrastructure.

• AWS Account
• AWS Elastic Kubernetes Service 
• F5 Web Application Firewall 
• F5 AWS VPC Site 
• F5 Service Discovery 
• F5 Cloud Credentials