F5 Networks Configuring BIG-IP APM: Access Policy Manager

This three-day course gives network administrators, network operators, and network engineers a functional understanding of BIG-IP Access Policy Manager as it is commonly deployed in both application delivery network and remote access settings. The course introduces students to BIG-IP Access Policy Manager, its configuration objects, how it commonly deployed, and how typical administrative and operational activities are performed. The course includes lecture, hands-on labs, interactive demonstrations, and discussions.

Course Information

Price: $3,300.00
Duration: 3 days
Learning Credits:
Course Delivery Options

Check out our full list of training locations and learning formats. Please note that the location you choose may be an Established HD-ILT location with a virtual live instructor.

Train face-to-face with the live instructor.

Interact with a live, remote instructor from a specialized, HD-equipped classroom near you. An SLI sales rep will confirm location availability prior to registration confirmation.

Attend the live class from the comfort of your home or office.

All Sunset Learning dates are guaranteed to run!



Administering BIG-IP; basic familiarity with authentication mechanisms (e.g. LDAP, Active Directory) and webserver technologies (e.g. HTTP, HTML)


Target Audience:

This course is intended for network administrators, operators, and engineers responsible for managing the normal day-to-day operation and administration of BIG-IP Access Policy Manager.


Course Objectives:

  • Configure remote access methods Network Access, Portal Access and Application Access and understand the differences and use cases for each
  • Configure APM and LTM to work together for advanced application delivery as well as understand the APM + LTM use case versus the remote access use case
  • Configure advanced policies using the Visual Policy Editor with all of its features such as macros, branches and multiple endings
  • Understand the role of iRules and how they work together with BIG-IP in general and APM in specific
  • Understand the role of Federated Single Sign-On using SAML and deploy a basic configuration
  • Configure multiple authentication methods and understand how they can work together in a single access policy
  • Set up, license, and provision the BIG-IP system out-of-the-box
  • Create, restore from, and manage BIG-IP archives
  • Use profiles to manipulate the way the BIG-IP system processes traffic through a virtual server


Course Outline:

Lesson 1: Setting Up the BIG-IP System

  • Introducing the BIG-IP System 
  • Initially Setting Up the BIG-IP System 
  • Archiving the BIG-IP Configuration 
  • Leveraging F5 Support Resources and Tools

Lesson 2: Configuring Web Application Access

  • Review of BIG-IP LTM 
  • Introduction to the Access Policy 
  • Web Access Application Configuration Overview 
  • Web Application Access Configuration in Detail

Lesson 3: Exploring the Access Policy

  • Navigating the Access Policy

Lesson 4: Managing BIG-IP APM

  • BIG-IP APM Sessions and Access Licenses 
  • Session Variables and sessiondump 
  • Session Cookies 
  • Access Policy General Purpose Agents List

Lesson 5: Using Authentication

  • Introduction to Access Policy Authentication 
  • Active Directory AAA Server 
  • One-Time Password 
  • Local User Database

Lesson 6: Understanding Assignment Agents

  • List of Assignment Agents

Lesson 7: Configuring Portal Access

  • Introduction to Portal Access 
  • Portal Access Configuration Overview 
  • Portal Access Configuration 
  • Portal Access in Action

Lesson 8: Configuring Network Access

  • Concurrent User Licensing 
  • VPN Concepts 
  • Network Access Configuration Overview 
  • Network Access Configuration 
  • Network Access in Action

Lesson 9: Deploying Macros

  • Access Policy Macros 
  • Configuring Macros 
  • An Access Policy is a Flowchart 
  • Access Policy Logon Agents 
  • Configuring Logon Agents

Lesson 10: Exploring Client-Side Checks

  • Client-Side Endpoint Security

Lesson 11: Exploring Server-Side Checks

  • Server-Side Endpoint Security Agents List 
  • Server-Side and Client-Side Checks Differences

Lesson 12: Using Authorization

  • Active Directory Query 
  • Active Directory Nested Groups 
  • Configuration in Detail

Lesson 13: Configuring App Tunnels

  • Application Access 
  • Remote Desktop 
  • Network Access Optimized Tunnels 
  • Landing Page Bookmarks

Lesson 14: Deploying Access Control Lists

  • Introduction to Access Control Lists 
  • Configuration Overview 
  • Dynamic ACLs 
  • Portal Access ACLs

Lesson 15: Signing On with SSO

  • Remote Desktop Single Sign-On 
  • Portal Access Single Sign-On

Lesson 16: Using iRules

  • iRules Introduction 
  • Basic TCL Syntax 
  • iRules and Advanced Access Policy Rules

Lesson 17: Customizing BIG-IP APM

  • Customization Overview 
  • BIG-IP Edge Client 
  • Advanced Edit Mode Customization 
  • Landing Page Sections

Lesson 18: Deploying SAML

  • SAML Conceptual Overview 
  • SAML Configuration Overview

Lesson 19: Exploring Webtops and Wizards

  • Webtops 
  • Wizards

Lesson 20: Using BIG-IP Edge Client

  • BIG-IP Edge Client for Windows Installation 
  • BIG-IP Edge Client in Action

Lesson 21: Configuration Project