Manual :
BIG-IP Access Policy Manager: Implementations
Applies To:
Show Versions
BIG-IP APM
- 12.1.6, 12.1.5, 12.1.4, 12.1.3, 12.1.2, 12.1.1, 12.1.0
Original Publication Date: 05/18/2016
- Web Access Management
- Custom URL Categorization
- Application Filter Configuration
- Per-Request Policy Examples for APM and APM+LTM
-
Per-Request Policy in a Reverse Proxy Configuration
-
Overview: Protecting internal resources on a per-request basis
- Creating a per-request policy
- Configuring policies to branch by local database user group
- Categorizing URLs using custom categories in a per-request policy
- Configuring a per-request policy to control access to applications
- Configuring a per-request policy to branch by group or class
- Adding a per-request policy to the virtual server
-
Overview: Protecting internal resources on a per-request basis
-
Per-Request Policy with LTM SSL Forward Proxy
-
Overview: Adding a per-request policy to LTM SSL forward proxy
- Creating an access profile for LTM-APM
-
Creating a per-request policy
- Processing SSL traffic in a per-request policy
- Configuring policies to branch by local database user group
- Categorizing URLs using custom categories in a per-request policy
- Configuring a per-request policy to control access to applications
- Configuring a per-request policy to branch by group or class
- Creating a DNS resolver
- Updating the virtual server for SSL forward proxy
- Overview: SSL forward proxy client and server authentication
- Task summary
- Implementation result
-
Overview: Adding a per-request policy to LTM SSL forward proxy
- Per-Request Policy Subroutine for Additional Authentication
-
Per-Request Policy Reference
- About access and per-request policies
- Access policy and subroutine agent differences
- Per-request policy items that read session variables
- Per-request policy items for APM and LTM
- Per-flow and subsession variables
-
About per-request policy items
- About Protocol Lookup
- About SSL Bypass Set
- About AD Group Lookup
- About LDAP Group Lookup
- About LocalDB Group Lookup
- About RADIUS Class Lookup
- About Dynamic Date Time
- About SSL Intercept Set
- About the Logging action
- About Category Lookup
- About Response Analytics
- About Request Analytics
- About URL Filter Assign
- About Application Lookup
- About Application Filter Assign
- About HTTP Headers
- About per-request policy subroutine items
- About per-request policy endings
- Customizing messages for the per-request policy Reject ending
- Exporting and importing a per-request policy across BIG-IP systems
- Configuring Dynamic ACLs
- Configuring Routing for Access Policies
-
Synchronizing Access Policies
-
Overview: Syncing access policies with a Sync-Only device group
- Understanding policy sync for Active-Standby pairs
- Before you configure device trust
- Establishing device trust
- Creating a Sync-Only device group for access policy sync
- Synchronizing an access policy across devices initially
- Configuring static resources with access policy sync
- Configuring dynamic resources with access policy sync
- Resolving access policy sync conflicts
- About ignoring errors due to the Variable Assign agent
- Implementation result
-
Overview: Syncing access policies with a Sync-Only device group
- Load balancing Access Policy Manager
-
Using APM as a Gateway for RDP Clients
-
Overview: Configuring APM as a gateway for Microsoft RDP clients
- About supported Microsoft RDP clients
- About Microsoft RDP client configuration
- About Microsoft RDP client login to APM
- Configuring an access profile for resource authorization
- Verifying log settings for the access profile
- Configuring an access policy for resource authorization
- Creating an access profile for RDP client authorization
- Verifying log settings for the access profile
- Configuring an access policy for an RDP client
- Configuring a machine account
- Creating an NTLM Auth configuration
- Maintaining a machine account
- Configuring a VDI profile
- Creating a connectivity profile
- Creating a custom Client SSL profile
- Creating a virtual server for SSL traffic
- Implementation result
- Overview: Processing RDP traffic on a device with SWG
-
Overview: Configuring APM as a gateway for Microsoft RDP clients
-
Maintaining OPSWAT Libraries with a Sync-Failover Device Group
- Overview: Updating antivirus and firewall libraries with a Sync-Failover device group
-
Task summary
- Establishing device trust
- Adding a device to the local trust domain
- Creating a Sync-Failover device group
- Manually synchronizing the BIG-IP configuration
- Uploading an OPSWAT update to Access Policy Manager
- Installing an OPSWAT update on one or more Access Policy Manager devices
- Viewing supported products in the installed OPSWAT EPSEC version
- Implementation result
- Maintaining OPSWAT Libraries with a Sync-Only Device Group
- Adding Hosted Content to Access Policy Manager
- Editing Hosted Content with Access Policy Manager
-
Hosting a BIG-IP Edge Client Download with Access Policy Manager
- About hosting a BIG-IP Edge Client file on Access Policy Manager
-
Task summary
- Configuring a connectivity profile for Edge Client for Mac
- Downloading the ZIP file for Edge Client for Mac
- Uploading BIG-IP Edge Client to hosted content on Access Policy Manager
- Associating hosted content with access profiles
- Creating a webtop link for the client installer
- Adding a webtop, links, and sections to an access policy
- Implementation result
- Hosting Files with Portal Access on Access Policy Manager
- Managing Disk Space for Hosted Content
- Importing and Exporting Access Profiles
- Logging and Reporting
- Resources and Documentation
- Legal Notices
