At the end of this course, the student will be able to:

• Configure remote access methods Network Access, Portal Access and Application Access and understand the differences and use cases for each
• Configure APM and LTM to work together for advanced application delivery as well as understand the APM + LTM use case versus the remote access use case
• Configure advanced policies using the Visual Policy Editor with all of its features such as macros, branches and multiple endings
• Understand the role of iRules and how they work together with BIG-IP in general and APM in specific
• Understand the role of Federated Single Sign-On using SAML and deploy a basic configuration
• Configure multiple authentication methods and understand how they can work together in a single access policy
• Set up, license, and provision the BIG-IP system out-of-the-box
• Create, restore from, and manage BIG-IP archives
• Use profiles to manipulate the way the BIG-IP system processes traffic through a virtual server

Chapter 1: Setting Up the BIG-IP System

• Introducing the BIG-IP System
• Initially Setting Up the BIG-IP System
• Archiving the BIG-IP Configuration
• Leveraging F5 Support Resources and Tools

Chapter 2: Configuring Web Application Access

• Review of BIG-IP LTM
• Introduction to the Access Policy
• Web Access Application Configuration Overview
• Web Application Access Configuration in Detail

Chapter 3: Exploring the Access Policy

• Navigating the Access Policy

Chapter 4: Managing BIG-IP APM

• BIG-IP APM Sessions and Access Licenses
• Session Variables and sessiondump
• Session Cookies
• Access Policy General Purpose Agents List

Chapter 5: Using Authentication

• Introduction to Access Policy Authentication
• Active Directory AAA Server
• RADIUS
• One-Time Password
• Local User Database

Chapter 6: Understanding Assignment Agents

• List of Assignment Agents

Chapter 7: Configuring Portal Access

• Introduction to Portal Access
• Portal Access Configuration Overview
• Portal Access Configuration
• Portal Access in Action

Chapter 8: Configuring Network Access

• Concurrent User Licensing
• VPN Concepts
• Network Access Configuration Overview
• Network Access Configuration
• Network Access in Action

Chapter 9: Deploying Macros

• Access Policy Macros
• Configuring Macros
• An Access Policy is a Flowchart
• Access Policy Logon Agents
• Configuring Logon Agents

Chapter 10: Exploring Client-Side Checks

• Client-Side Endpoint Security

Chapter 11: Exploring Server-Side Checks

• Server-Side Endpoint Security Agents List
• Server-Side and Client-Side Checks Differences

Chapter 12: Using Authorization

• Active Directory Query
• Active Directory Nested Groups
• Configuration in Detail

Chapter 13: Configuring App Tunnels

• Application Access
• Remote Desktop
• Network Access Optimized Tunnels
• Landing Page Bookmarks

Chapter 14: Deploying Access Control Lists

• Introduction to Access Control Lists
• Configuration Overview
• Dynamic ACLs
• Portal Access ACLs

Chapter 15: Signing On with SSO

• Remote Desktop Single Sign-On
• Portal Access Single Sign-On

Chapter 16: Using iRules

• iRules Introduction
• Basic TCL Syntax
• iRules and Advanced Access Policy Rules

Chapter 17: Customizing BIG-IP APM

• Customization Overview
• BIG-IP Edge Client
• Advanced Edit Mode Customization
• Landing Page Sections

Chapter 18: Deploying SAML

• SAML Conceptual Overview
• SAML Configuration Overview

Chapter 19: Exploring Webtops and Wizards

• Webtops
• Wizards

Chapter 20: Using BIG-IP Edge Client

• BIG-IP Edge Client for Windows Installation
• BIG-IP Edge Client in Action

Chapter 21: Configuration Project

Chapter 22: Additional Training and Certification

• Getting Started Series Web-Based Training
• F5 Instructor Led Training Curriculum
• F5 Professional Certification Program

This course is intended for network administrators, operators, and engineers responsible for managing the normal day-to-day operation and administration of BIG-IP Access Policy Manager.

Students must complete one of the following F5 prerequisites before attending this course:

• Administering BIG-IP (ILT)
• F5 Certified BIG-IP Administrator

Suggested Prework

The following free Self-Directed Training (SDT) courses, although optional, are helpful for any student with limited BIG-IP administration and configuration experience:

• Getting Started with BIG-IP
• Getting Started with Local Traffic Manager (LTM)
• Getting Started with BIG-IP Access Policy Manager (APM)

General network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course, including OSI model encapsulation, routing and switching, Ethernet and ARP, TCP/IP concepts, IP addressing and subnetting, NAT and private IP addressing, NAT and private IP addressing, default gateway, network firewalls, and LAN vs. WAN.

The following course-specific knowledge and experience is suggested before attending this course:

• Hands-on experience with BIG-IP
• Basic web application delivery (BIG-IP LTM)
• HTML, HTTP, HTTPS as well as some CSS and JavaScript
• Telnet, SSH and TLS/SSL
• VPN or tunnel encapsulation, Layer 4 NAT and Access Control Lists