F5 Networks Configuring BIG-IP APM: Access Policy Manager

Prerequisites:

Administering BIG-IP; basic familiarity with authentication mechanisms (e.g. LDAP, Active Directory) and webserver technologies (e.g. HTTP, HTML)

Target Audience:

This course is intended for network administrators, operators, and engineers responsible for managing the normal day-to-day operation and administration of BIG-IP Access Policy Manager.

Course Objectives:

• Configure remote access methods Network Access, Portal Access and Application Access and understand the differences and use cases for each
• Configure APM and LTM to work together for advanced application delivery as well as understand the APM + LTM use case versus the remote access use case
• Configure advanced policies using the Visual Policy Editor with all of its features such as macros, branches and multiple endings
• Understand the role of iRules and how they work together with BIG-IP in general and APM in specific
• Understand the role of Federated Single Sign-On using SAML and deploy a basic configuration
• Configure multiple authentication methods and understand how they can work together in a single access policy
• Set up, license, and provision the BIG-IP system out-of-the-box
• Create, restore from, and manage BIG-IP archives
• Use profiles to manipulate the way the BIG-IP system processes traffic through a virtual server

Course Outline:

Lesson 1: Setting Up the BIG-IP System

• Introducing the BIG-IP System 
• Initially Setting Up the BIG-IP System 
• Archiving the BIG-IP Configuration 
• Leveraging F5 Support Resources and Tools

Lesson 2: Configuring Web Application Access

• Review of BIG-IP LTM 
• Introduction to the Access Policy 
• Web Access Application Configuration Overview 
• Web Application Access Configuration in Detail

Lesson 3: Exploring the Access Policy

• Navigating the Access Policy

Lesson 4: Managing BIG-IP APM

• BIG-IP APM Sessions and Access Licenses 
• Session Variables and sessiondump 
• Session Cookies 
• Access Policy General Purpose Agents List

Lesson 5: Using Authentication

• Introduction to Access Policy Authentication 
• Active Directory AAA Server 
• RADIUS 
• One-Time Password 
• Local User Database

Lesson 6: Understanding Assignment Agents

• List of Assignment Agents

Lesson 7: Configuring Portal Access

• Introduction to Portal Access 
• Portal Access Configuration Overview 
• Portal Access Configuration 
• Portal Access in Action

Lesson 8: Configuring Network Access

• Concurrent User Licensing 
• VPN Concepts 
• Network Access Configuration Overview 
• Network Access Configuration 
• Network Access in Action

Lesson 9: Deploying Macros

• Access Policy Macros 
• Configuring Macros 
• An Access Policy is a Flowchart 
• Access Policy Logon Agents 
• Configuring Logon Agents

Lesson 10: Exploring Client-Side Checks

• Client-Side Endpoint Security

Lesson 11: Exploring Server-Side Checks

• Server-Side Endpoint Security Agents List 
• Server-Side and Client-Side Checks Differences

Lesson 12: Using Authorization

• Active Directory Query 
• Active Directory Nested Groups 
• Configuration in Detail

Lesson 13: Configuring App Tunnels

• Application Access 
• Remote Desktop 
• Network Access Optimized Tunnels 
• Landing Page Bookmarks

Lesson 14: Deploying Access Control Lists

• Introduction to Access Control Lists 
• Configuration Overview 
• Dynamic ACLs 
• Portal Access ACLs

Lesson 15: Signing On with SSO

• Remote Desktop Single Sign-On 
• Portal Access Single Sign-On

Lesson 16: Using iRules

• iRules Introduction 
• Basic TCL Syntax 
• iRules and Advanced Access Policy Rules

Lesson 17: Customizing BIG-IP APM

• Customization Overview 
• BIG-IP Edge Client 
• Advanced Edit Mode Customization 
• Landing Page Sections

Lesson 18: Deploying SAML

• SAML Conceptual Overview 
• SAML Configuration Overview

Lesson 19: Exploring Webtops and Wizards

• Webtops 
• Wizards

Lesson 20: Using BIG-IP Edge Client

• BIG-IP Edge Client for Windows Installation 
• BIG-IP Edge Client in Action

Lesson 21: Configuration Project