OWA using iapp version 1.51 on LTM version 11.6 HF5, want to set idle timeout to 30 min

I've seen lots of discussion about how to solve problems with a timeout being too short.... I want to enforce an idle timeout of 30 minutes for Internet based users accessing OWA. I also read the articles regarding the silliness of letting a user choose whether they are a public or private user.... I am using APM to provide secured SSO OWA in front of our Exchange servers. Right now, everyone comes in as a private user and has the 8 hr timeout, just as if they were accessing it on our internal network, via an LTM using an iapp to provide non APM load balancing of the CAS servers using NTLM. As I understand it, I have two options... I could have an irule to set the cookie that Exchange uses to determine if a user is public or private and set it to public and let Exchange manage the timeout, or I could manage that timeout within APM. My thought is that I should do it in APM at the edge, and not proxy that traffic in and let Exchange handle it. Looking for other peoples' thoughts and if you have implemented something in APM to do it, some details?