Takaisin

F5 BIG-IP Access Policy Manager v13

This course covers three typical deployment scenarios for BIG-IP Access Policy Manager (APM) and is broken into three individual lessons. In lesson one, you learn how to configure BIG-IP APM to provide Active Directory-based authentication for a load-balanced pool of web servers. Building on that, in lesson two, you learn how to create a policy that provides an SSL VPN (Network Access) resource to users, but only when they log into BIG-IP APM using a corporate-issued PC. Finally, lesson three builds on the first two lessons to create a policy that provides a dynamic landing page with both SSL VPN as well as an OWA (Portal Access) resource, but only to users with special authorization.

This course is intended for network administrators, operators, and engineers responsible for managing the normal day-to-day operation and administration of BIG-IP Access Policy Manager.

Prerequisites

Students must complete one of the following F5 prerequisites before attending this course:

  • Administering BIG-IP instructor-led course
  • F5 Certified BIG-IP Administrator

The following general network technology knowledge and experience are recommended before attending any F5 Global Training Services instructor-led course:

  • OSI model encapsulation
  • Routing and switching
  • Ethernet and ARP
  • TCP/IP concepts
  • IP addressing and subnetting
  • NAT and private IP addressing
  • Default gateway
  • Network firewalls
  • LAN vs. WAN


The following course-specific knowledge and experience is suggested before attending this course:

  • Hands-on experience with BIG-IP
  • Basic web application delivery (BIG-IP LTM)
  • HTML, HTTP, HTTPS as well as some CSS and JavaScript
  • Telnet, SSH and TLS/SSL
  • VPN or tunnel encapsulation, Layer 4 NAT and Access Control Lists

 This course is organized in co-operation with Arrow ECS. Training materials and lectures are in English.

Virtual Classroom brings the classroom experience to you.
Choose training in the boardroom, the dining room or one of our many classrooms around the country, or even bridge the gap and learn with students in other countries.

A more efficient way to train

  • Choose to train at home, on your office, or ours
  • Save on travel and expenses
  • Reduce time out of the office and away from home

An interactive experience

Instructors use interactive smart boards offering real-time viewing to all students
High capacity network means no lag in viewing or hearing the instructor and other students
HD quality video and audio provides crystal clear sound without the need for a microphone
Students have full access to labs and participate in all practical activities
Chat function lets you ask questions to the whole class, or just the instructor
Learn with other students all around the country

v13 COURSE OUTLINE

Chapter 1: Setting Up the BIG-IP System

Introducing the BIG-IP System
Initially Setting Up the BIG-IP System
Archiving the BIG-IP Configuration
Leveraging F5 Support Resources and Tools


Chapter 2: Configuring Web Application Access

Review of BIG-IP LTM
Introduction to the Access Policy
Web Access Application Configuration Overview
Web Application Access Configuration in Detail


Chapter 3: Exploring the Access Policy

Navigating the Access Policy


Chapter 4: Managing BIG-IP APM

BIG-IP APM Sessions and Access Licenses
Session Variables and sessiondump
Session Cookies
Access Policy General Purpose Agents List


Chapter 5: Using Authentication

Introduction to Access Policy Authentication
Active Directory AAA Server
RADIUS
One-Time Password
Local User Database


Chapter 6: Understanding Assignment Agents

List of Assignment Agents


Chapter 7: Configuring Portal Access

Introduction to Portal Access
Portal Access Configuration Overview
Portal Access Configuration
Portal Access in Action


Chapter 8: Configuring Network Access

Concurrent User Licensing
VPN Concepts
Network Access Configuration Overview
Network Access Configuration
Network Access in Action


Chapter 9: Deploying Macros

Access Policy Macros
Configuring Macros
An Access Policy is a Flowchart
Access Policy Logon Agents
Configuring Logon Agents


Chapter 10: Exploring Client-Side Checks

Client-Side Endpoint Security


Chapter 11: Exploring Server-Side Checks

Server-Side Endpoint Security Agents List
Server-Side and Client-Side Checks Differences


Chapter 12: Using Authorization

Active Directory Query
Active Directory Nested Groups
Configuration in Detail


Chapter 13: Configuring AppTunnels

Application Access
Remote Desktop
Network Access Optimized Tunnels
Landing Page Bookmarks


Chapter 14: Deploying Access Control Lists

Introduction to Access Control Lists
Configuration Overview
Dynamic ACLs
Portal Access ACLs


Chapter 15: Signing On with SSO

Remote Desktop Single Sign-On
Portal Access Single Sign-On


Chapter 16: Using iRules

iRules Introduction
Basic TCL Syntax
iRules and Advanced Access Policy Rules


Chapter 17: Customizing BIG-IP APM

Customization Overview
BIG-IP Edge Client
Advanced Edit Mode Customization
Landing Page Sections


Chapter 18: Deploying SAML

SAML Conceptual Overview
SAML Configuration Overview


Chapter 19: Exploring Webtops and Wizards

Webtops
Wizards


Chapter 20: Using BIG-IP Edge Client

BIG-IP Edge Client for Windows Installation
BIG-IP Edge Client in Action


Chapter 21: Configuration Project

Näytä lisää Sulje
ArrowECS

ArrowECS vastaa kurssin järjestämisestä.

Ilmoittaudu kurssille

Tietosuoja

Palvelussa voidaan käsitellä Elisan tietosuojaperiaatteissa kuvattuja henkilötietoja, kuten esimerkiksi nimi, yhteystiedot ja palvelun käyttöön liittyvät tiedot. Elisa on palvelussa käsiteltävien henkilötietojen osalta tietosuojalainsäädännössä tarkoitettu henkilötietojen rekisterinpitäjä.

Elisa käsittelee rekisterinpitäjänä henkilötietoja kulloinkin voimassaolevien tietosuojaperiaatteiden mukaisesti (https://elisa.fi/sopimusehdot) ja (https://elisa.fi/tietosuoja).

Elisalla on oikeus käyttää palveluiden tuottamisessa ja henkilötietojen käsittelyssä alihankkijoita.

English:

When using the service, the following types of personal information may be handled; name and contact information, employee information and other information from the client company, end user information, information related to use of the service and customer satisfaction information. This information is needed for the maintenance and development of the service. In terms of the personal information being handled, the customer is the controller as intended in information protection legislation and the service provider is the handler.

The customer's personal information is to be handled in the manner outlined in the agreement and this service description in order to provide and develop the services. Any other handling of the customer's personal information and its effect on costs in accordance with the General Data Protection Regulation are to be agreed upon separately between the parties to the agreement.

The provider or their subcontractor may collect data for the maintenance, improvement or analysis of the service. The provider reserves the right to use subcontractors in the production of their services and sub-handlers in the handling of personal information. The customer has the right to receive information on the provider's subcontractors and sub-handlers upon request.