With BIG-IP® Access Policy Manager™, you use resources to provide

secure connection functionality to users. With Access Policy Manager, you

configure a resource to allow access to a web application or a network
access connection, or you configure an access control list to allow or deny
access to clients with a network access, web applications, or web application
access management access policies.
You use access control lists (ACLs), network access or web applications
resources, and webtops to provide functionality to clients. For a web
application access management policy, you can assign ACLs, but you
cannot assign any other resources. You use ACLs to define allowed and
disallowed networks, hosts, and protocols for users. With web applications
access policies, you use webtops to provide a web page with useful links to
users who connect. You assign ACLs and webtops dynamically in an access
policy, using the resource assign action.
A represents a single secure connection that
provides an on-network type of experience to an end user. You can define
many network access resources on the Access Policy Manager, but each
connection uses only one network access resource. To connect a user
securely with a network access connection, you must assign a network
access resource to an access policy and a network access webtop, using the
resource assign action. A network access connection does not manipulate or
analyze the content being passed between the client and the internal
network.
A provides web browser access to one or more
specific internal web applications. With web applications, the Access Policy
Manager communicates with back-end servers, and rewrites the links in the
response so that all the links in the response content specify the virtual
server as the host. This method of access differs from a connection
configured for network access, which provide a secured tunnel from the
client to the internal network.
In this chapter you can learn how to use ACLs and webtops. To configure
network access resources, see Chapter 2, . To
configure web applications, see Chapter 3, .
To configure web application access management, see Chapter 4,
.