F5 Configuring BIG-IP APM v11: Access Policy Manager

COURSE OUTLINE:

Description

In this course, you will learn about the BIG-IP version 11 APM system as it is commonly deployed in either in an application delivery configuration (LTM + APM use case) or in a remote access setting. You will learn about basic LTM configurations. You will also learn about the three remote access methods supported by APM: Network Access (SSL VPN), Portal Access (reverse proxy), and Application Access (app tunnel).

Audience

System and network administrators responsible for installation, setup, configuration, and administration of the BIG-IP APM system

Prerequisites

An understanding of:

  • Common Security and Network terminology
  • TCP/IP Addressing, Routing and Internetworking concepts
  • Security Authorization and Authentication concepts
  • Common elements of WAN and LAN environments

Proficient in:

  • Basic PC operation and application skills, including Windows OS
  • Basic Web browser operation (Internet Explorer is used in class)

Learning Objectives

  • Installation and setup of the BIG-IP APM system
  • Building Access Policies using the Visual Policy Editor (VPE)
  • Portal Access to both HTTP and HTTPS Web applications
  • Network Access using an SSL VPN tunnel
  • Application Access using an app tunnel
  • Authentication and Authorization using Active Directory and RADIUS
  • Building advanced policy checks using Session Variables and iRules
  • BIG-IP APM administration tools
  • SAML Enterprise single sign-on

1. Setting Up the BIG-IP System

  • Introducing the BIG-IP System
  • Initially Deploying the BIG-IP System
  • Creating a Backup of the BIG-IP System
  • F5 Support Resources and Tools
  • Chapter Resources
  • BIG-IP System Setup Labs

2. APM Traffic Processing

  • Virtual Servers and Access Profiles
  • APM Configuration Wizards
  • Logging
  • Sessions

3. APM Access Policies and Profiles

  • Access Policies Overview
  • Access Policy Branches
  • Access Policy Endings
  • Configuring Access Policies and Profiles
  • Using Webtops
  • Exporting and Importing Access Profiles

4. APM Portal Access

  • Portal Access Overview
  • Configuring Portal Access
  • Rewrite Profiles
  • SSO and Credential Caching

5. APM Network Access

  • Network Access Overview
  • Configuring Network Access
  • BIG-IP Edge Client

6. APM Access Control Lists

  • Access Control of Resources Overview
  • Access Control Lists

7. APM Application Access and Webtops

  • Application Access and Webtops Overview
  • Application Access
  • Configuring Remote Desktop Access
  • Configuring Webtops

8. BIG-IP LTM Concepts

  • LTM Pools and Virtual Servers
  • Monitor Concepts and Configuration
  • Secure Network Address Translation (SNAT)

9. Web Application Access for LTM

  • Web Applications Access for LTM
  • Configuring APM and LTM together
  • Profiles
  • Profile Types and Dependencies
  • Configuring and Using Profiles
  • SSL Termination/Initiation
  • SSL Profile Configuration

10. APM Macros and Authentication Servers

  • Access Policy Macros
  • Configuring Access Policy Macros
  • Authentication with Access Policy Manager
  • Radius Server Authentication
  • LDAP Server Authentication
  • Active Directory Server Authentication
  • One-time Password Authentication

11. Client-Side Endpoint Security

  • Overview of Client-Side Endpoint Security
  • Client-Side Endpoint Security

12. APM Advanced Topics

  • General Purpose Actions
  • Server Side Checks
  • Session Variables
  • Introducing Tcl
  • Access iRules Events
  • Typical APM iRule Use Case
  • Configuring Access iRules
  • Dynamic ACLs

13. Customization

  • Customization Overview
  • BIG-IP Edge Client
  • Advanced Edit Mode Customization

14. SAML

  • SAML Conceptual Overview
  • SAML Configuration Overview

15. APM Configuration Project

  • Configuration Project Overview