F5 Networks Configuring BIG-IP APM: Access Policy Manager
This three-day course gives network administrators, network operators, and network engineers a functional understanding of BIG-IP Access Policy Manager as it is commonly deployed in both application delivery network and remote access settings. The course introduces students to BIG-IP Access Policy Manager, its configuration objects, how it commonly deployed, and how typical administrative and operational activities are performed. The course includes lecture, hands-on labs, interactive demonstrations, and discussions.
By the end of this course, participants will be able to:
-
Equip administrators with the skills to design, implement, and manage access policies that provide secure and user-friendly access to applications and data.
-
Configure remote access methods including Network Access, Portal Access, and Application Access.
-
Build advanced access policies using the Visual Policy Editor, macros, branching, and multiple endings.
-
Implement Single Sign-On with SAML in both Service Provider (SP) and Identity Provider (IdP) roles.
-
Deploy multi-factor authentication and integrate multiple authentication methods into access policies.
-
Combine APM with LTM for advanced application delivery scenarios.
-
Apply iRules within APM policies to customize and extend functionality.
-
Monitor, troubleshoot, and tune APM deployments for performance and security.
This course is intended for network administrators, operators, and engineers responsible for managing the normal day-to-day operation and administration of BIG-IP Access Policy Manager.
Administering BIG-IP; basic familiarity with authentication mechanisms (e.g. LDAP, Active Directory) and webserver technologies (e.g. HTTP, HTML)
- Introducing the BIG-IP System
- Initially Setting Up the BIG-IP System
- Archiving the BIG-IP Configuration
- Leveraging F5 Support Resources and Tools
- Review of BIG-IP LTM
- Introduction to the Access Policy
- Web Access Application Configuration Overview
- Web Application Access Configuration in Detail
- Navigating the Access Policy
- BIG-IP APM Sessions and Access Licenses
- Session Variables and sessiondump
- Session Cookies
- Access Policy General Purpose Agents List
- Introduction to Access Policy Authentication
- Active Directory AAA Server
- RADIUS
- One-Time Password
- Local User Database
- List of Assignment Agents
- Introduction to Portal Access
- Portal Access Configuration Overview
- Portal Access Configuration
- Portal Access in Action
- Concurrent User Licensing
- VPN Concepts
- Network Access Configuration Overview
- Network Access Configuration
- Network Access in Action
- Access Policy Macros
- Configuring Macros
- An Access Policy is a Flowchart
- Access Policy Logon Agents
- Configuring Logon Agents
- Client-Side Endpoint Security
- Server-Side Endpoint Security Agents List
- Server-Side and Client-Side Checks Differences
- Active Directory Query
- Active Directory Nested Groups
- Configuration in Detail
- Application Access
- Remote Desktop
- Network Access Optimized Tunnels
- Landing Page Bookmarks
- Introduction to Access Control Lists
- Configuration Overview
- Dynamic ACLs
- Portal Access ACLs
- Remote Desktop Single Sign-On
- Portal Access Single Sign-On
- iRules Introduction
- Basic TCL Syntax
- iRules and Advanced Access Policy Rules
- Customization Overview
- BIG-IP Edge Client
- Advanced Edit Mode Customization
- Landing Page Sections
- SAML Conceptual Overview
- SAML Configuration Overview
- Webtops
- Wizards
- BIG-IP Edge Client for Windows Installation
- BIG-IP Edge Client in Action