F5 Networks Configuring BIG-IP APM: Access Policy Manager

This three-day course gives network administrators, network operators, and network engineers a functional understanding of BIG-IP Access Policy Manager as it is commonly deployed in both application delivery network and remote access settings. The course introduces students to BIG-IP Access Policy Manager, its configuration objects, how it commonly deployed, and how typical administrative and operational activities are performed. The course includes lecture, hands-on labs, interactive demonstrations, and discussions.

Course Information

Price: $3,465.00
Duration: 3 days
Learning Credits:
Course Delivery Options

Check out our full list of training locations and learning formats. Please note that the location you choose may be an Established HD-ILT location with a virtual live instructor.

Train face-to-face with the live instructor.

Access to on-demand training content anytime, anywhere.

Attend the live class from the comfort of your home or office.

Interact with a live, remote instructor from a specialized, HD-equipped classroom near you. An SLI sales rep will confirm location availability prior to registration confirmation.

All Sunset Learning dates are guaranteed to run!



Administering BIG-IP; basic familiarity with authentication mechanisms (e.g. LDAP, Active Directory) and webserver technologies (e.g. HTTP, HTML)


Target Audience:

This course is intended for network administrators, operators, and engineers responsible for managing the normal day-to-day operation and administration of BIG-IP Access Policy Manager.


Course Objectives:

  • Configure remote access methods Network Access, Portal Access and Application Access and understand the differences and use cases for each
  • Configure APM and LTM to work together for advanced application delivery as well as understand the APM + LTM use case versus the remote access use case
  • Configure advanced policies using the Visual Policy Editor with all of its features such as macros, branches and multiple endings
  • Understand the role of iRules and how they work together with BIG-IP in general and APM in specific
  • Understand the role of Federated Single Sign-On using SAML and deploy a basic configuration
  • Configure multiple authentication methods and understand how they can work together in a single access policy
  • Set up, license, and provision the BIG-IP system out-of-the-box
  • Create, restore from, and manage BIG-IP archives
  • Use profiles to manipulate the way the BIG-IP system processes traffic through a virtual server


Course Outline:

Lesson 1: Setting Up the BIG-IP System

  • Introducing the BIG-IP System 
  • Initially Setting Up the BIG-IP System 
  • Archiving the BIG-IP Configuration 
  • Leveraging F5 Support Resources and Tools

Lesson 2: Configuring Web Application Access

  • Review of BIG-IP LTM 
  • Introduction to the Access Policy 
  • Web Access Application Configuration Overview 
  • Web Application Access Configuration in Detail

Lesson 3: Exploring the Access Policy

  • Navigating the Access Policy

Lesson 4: Managing BIG-IP APM

  • BIG-IP APM Sessions and Access Licenses 
  • Session Variables and sessiondump 
  • Session Cookies 
  • Access Policy General Purpose Agents List

Lesson 5: Using Authentication

  • Introduction to Access Policy Authentication 
  • Active Directory AAA Server 
  • One-Time Password 
  • Local User Database

Lesson 6: Understanding Assignment Agents

  • List of Assignment Agents

Lesson 7: Configuring Portal Access

  • Introduction to Portal Access 
  • Portal Access Configuration Overview 
  • Portal Access Configuration 
  • Portal Access in Action

Lesson 8: Configuring Network Access

  • Concurrent User Licensing 
  • VPN Concepts 
  • Network Access Configuration Overview 
  • Network Access Configuration 
  • Network Access in Action

Lesson 9: Deploying Macros

  • Access Policy Macros 
  • Configuring Macros 
  • An Access Policy is a Flowchart 
  • Access Policy Logon Agents 
  • Configuring Logon Agents

Lesson 10: Exploring Client-Side Checks

  • Client-Side Endpoint Security

Lesson 11: Exploring Server-Side Checks

  • Server-Side Endpoint Security Agents List 
  • Server-Side and Client-Side Checks Differences

Lesson 12: Using Authorization

  • Active Directory Query 
  • Active Directory Nested Groups 
  • Configuration in Detail

Lesson 13: Configuring App Tunnels

  • Application Access 
  • Remote Desktop 
  • Network Access Optimized Tunnels 
  • Landing Page Bookmarks

Lesson 14: Deploying Access Control Lists

  • Introduction to Access Control Lists 
  • Configuration Overview 
  • Dynamic ACLs 
  • Portal Access ACLs

Lesson 15: Signing On with SSO

  • Remote Desktop Single Sign-On 
  • Portal Access Single Sign-On

Lesson 16: Using iRules

  • iRules Introduction 
  • Basic TCL Syntax 
  • iRules and Advanced Access Policy Rules

Lesson 17: Customizing BIG-IP APM

  • Customization Overview 
  • BIG-IP Edge Client 
  • Advanced Edit Mode Customization 
  • Landing Page Sections

Lesson 18: Deploying SAML

  • SAML Conceptual Overview 
  • SAML Configuration Overview

Lesson 19: Exploring Webtops and Wizards

  • Webtops 
  • Wizards

Lesson 20: Using BIG-IP Edge Client

  • BIG-IP Edge Client for Windows Installation 
  • BIG-IP Edge Client in Action

Lesson 21: Configuration Project