Overview
This three-day course gives network administrators, network operators, and network engineers a functional understanding of BIG-IP Access Policy Manager as it is commonly deployed in both application delivery network and remote access settings. The course introduces students to BIG-IP Access Policy Manager, its configuration objects, how it commonly deployed, and how typical administrative and operational activities are performed. The course includes lecture, hands-on labs, interactive demonstrations, and discussions.
Duration 3 days.
You can find current trainings on training calendar page.
Training Prerequisites
Students must complete one of the following F5 prerequisites before attending this course:
- Administering BIG-IP instructor-led course-or-
- F5 Certified BIG-IP Administrator
The following free web-based courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience.
- Getting Started with BIG-IP web-based training
- Getting Started with BIG-IP Local Traffic Manager (LTM) web-based training
- Getting Started with BIG-IP Access Policy Manager (APM) web-based training
The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:
- OSI model encapsulation
- Routing and switching
- Ethernet and ARP
- TCP/IP concepts
- IP addressing and subnetting
- NAT and private IP addressing
- Default gateway
- Network firewalls
- LAN vs. WAN
The following course-specific knowledge and experience is suggested before attending this course:
- Hands-on experience with BIG-IP
- Basic web application delivery (BIG-IP LTM)
- HTML, HTTP, HTTPS as well as some CSS and JavaScript
- Telnet, SSH and TLS/SSL
- VPN or tunnel encapsulation, Layer 4 NAT and Access Control Lists
Training Contents
The content of this training is as follows. We recommend that you review before training.
- Introducing the BIG-IP System
- Initially Setting Up the BIG-IP System
- Archiving the BIG-IP Configuration
- Leveraging F5 Support Resources and Tools
- Review of BIG-IP LTM
- Introduction to the Access Policy
- Web Access Application Configuration Overview
- Web Application Access Configuration in Detail
- Navigating the Access Policy
- BIG-IP APM Sessions and Access Licenses
- Session Variables and sessiondump
- Session Cookies
- Access Policy General Purpose Agents List
- Introduction to Access Policy Authentication
- Active Directory AAA Server
- RADIUS
- One-Time Password
- Local User Database
- List of Assignment Agents
- Introduction to Portal Access
- Portal Access Configuration Overview
- Portal Access Configuration
- Portal Access in Action
- Concurrent User Licensing
- VPN Concepts
- Network Access Configuration Overview
- Network Access Configuration
- Network Access in Action
- Access Policy Macros
- Configuring Macros
- An Access Policy is a Flowchart
- Access Policy Logon Agents
- Configuring Logon Agents
- Client-Side Endpoint Security
- Server-Side Endpoint Security Agents List
- Server-Side and Client-Side Checks Differences
- Active Directory Query
- Active Directory Nested Groups
- Configuration in Detail
- Application Access
- Remote Desktop
- Network Access Optimized Tunnels
- Landing Page Bookmarks
- Introduction to Access Control Lists
- Configuration Overview
- Dynamic ACLs
- Portal Access ACLs
- Remote Desktop Single Sign-On
- Portal Access Single Sign-On
- iRules Introduction
- Basic TCL Syntax
- iRules and Advanced Access Policy Rules
- Customization Overview
- BIG-IP Edge Client
- Advanced Edit Mode Customization
- Landing Page Sections
- SAML Conceptual Overview
- SAML Configuration Overview
- Webtops
- Wizards
- BIG-IP Edge Client for Windows Installation
- BIG-IP Edge Client in Action
- Configuration Project
Training Objectives
- Configure remote access methods Network Access, Portal Access and Application Access and understand the differences and use cases for each
- Configure APM and LTM to work together for advanced application delivery as well as understand the APM + LTM use case versus the remote access use case
- Configure advanced policies using the Visual Policy Editor with all of its features such as macros, branches and multiple endings
- Understand the role of iRules and how they work together with BIG-IP in general and APM in specific
- Understand the role of Federated Single Sign-On using SAML and deploy a basic configuration
- Configure multiple authentication methods and understand how they can work together in a single access policy
- Set up, license, and provision the BIG-IP system out-of-the-box
- Create, restore from, and manage BIG-IP archives
- Use profiles to manipulate the way the BIG-IP system processes traffic through a virtual server
Who should attend?
This course is intended for network administrators, operators, and engineers responsible for managing the normal day-to-day operation and administration of BIG-IP Access Policy Manager.
- Overview
- Prerequisites
- Contents
- Objectives
- Audience
Overview
This three-day course gives network administrators, network operators, and network engineers a functional understanding of BIG-IP Access Policy Manager as it is commonly deployed in both application delivery network and remote access settings. The course introduces students to BIG-IP Access Policy Manager, its configuration objects, how it commonly deployed, and how typical administrative and operational activities are performed. The course includes lecture, hands-on labs, interactive demonstrations, and discussions.
Duration 3 days.
You can find current trainings on training calendar page.
Training Prerequisites
Students must complete one of the following F5 prerequisites before attending this course:
- Administering BIG-IP instructor-led course-or-
- F5 Certified BIG-IP Administrator
The following free web-based courses, although optional, will be very helpful for any student with limited BIG-IP administration and configuration experience.
- Getting Started with BIG-IP web-based training
- Getting Started with BIG-IP Local Traffic Manager (LTM) web-based training
- Getting Started with BIG-IP Access Policy Manager (APM) web-based training
The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:
- OSI model encapsulation
- Routing and switching
- Ethernet and ARP
- TCP/IP concepts
- IP addressing and subnetting
- NAT and private IP addressing
- Default gateway
- Network firewalls
- LAN vs. WAN
The following course-specific knowledge and experience is suggested before attending this course:
- Hands-on experience with BIG-IP
- Basic web application delivery (BIG-IP LTM)
- HTML, HTTP, HTTPS as well as some CSS and JavaScript
- Telnet, SSH and TLS/SSL
- VPN or tunnel encapsulation, Layer 4 NAT and Access Control Lists
Training Contents
The content of this training is as follows. We recommend that you review before training.
- Introducing the BIG-IP System
- Initially Setting Up the BIG-IP System
- Archiving the BIG-IP Configuration
- Leveraging F5 Support Resources and Tools
- Review of BIG-IP LTM
- Introduction to the Access Policy
- Web Access Application Configuration Overview
- Web Application Access Configuration in Detail
- Navigating the Access Policy
- BIG-IP APM Sessions and Access Licenses
- Session Variables and sessiondump
- Session Cookies
- Access Policy General Purpose Agents List
- Introduction to Access Policy Authentication
- Active Directory AAA Server
- RADIUS
- One-Time Password
- Local User Database
- List of Assignment Agents
- Introduction to Portal Access
- Portal Access Configuration Overview
- Portal Access Configuration
- Portal Access in Action
- Concurrent User Licensing
- VPN Concepts
- Network Access Configuration Overview
- Network Access Configuration
- Network Access in Action
- Access Policy Macros
- Configuring Macros
- An Access Policy is a Flowchart
- Access Policy Logon Agents
- Configuring Logon Agents
- Client-Side Endpoint Security
- Server-Side Endpoint Security Agents List
- Server-Side and Client-Side Checks Differences
- Active Directory Query
- Active Directory Nested Groups
- Configuration in Detail
- Application Access
- Remote Desktop
- Network Access Optimized Tunnels
- Landing Page Bookmarks
- Introduction to Access Control Lists
- Configuration Overview
- Dynamic ACLs
- Portal Access ACLs
- Remote Desktop Single Sign-On
- Portal Access Single Sign-On
- iRules Introduction
- Basic TCL Syntax
- iRules and Advanced Access Policy Rules
- Customization Overview
- BIG-IP Edge Client
- Advanced Edit Mode Customization
- Landing Page Sections
- SAML Conceptual Overview
- SAML Configuration Overview
- Webtops
- Wizards
- BIG-IP Edge Client for Windows Installation
- BIG-IP Edge Client in Action
- Configuration Project
Training Objectives
- Configure remote access methods Network Access, Portal Access and Application Access and understand the differences and use cases for each
- Configure APM and LTM to work together for advanced application delivery as well as understand the APM + LTM use case versus the remote access use case
- Configure advanced policies using the Visual Policy Editor with all of its features such as macros, branches and multiple endings
- Understand the role of iRules and how they work together with BIG-IP in general and APM in specific
- Understand the role of Federated Single Sign-On using SAML and deploy a basic configuration
- Configure multiple authentication methods and understand how they can work together in a single access policy
- Set up, license, and provision the BIG-IP system out-of-the-box
- Create, restore from, and manage BIG-IP archives
- Use profiles to manipulate the way the BIG-IP system processes traffic through a virtual server
Who should attend?
This course is intended for network administrators, operators, and engineers responsible for managing the normal day-to-day operation and administration of BIG-IP Access Policy Manager.
