Your users expect full access.

So give it to them—securely.

Users expect easy access to the applications and data they need from any device and any location—whether those resources are in a data center, the cloud, SaaS-based, or a hybrid environment. Access isn’t negotiable.

The challenge is, to keep applications and data safe, you need to know where users are connecting from, what device they’re using, and what they’re trying to connect to.

BIG-IP Access Policy Manager (APM) contextually secures, simplifies, and protects user access to apps and data, while delivering the most scalable access gateway on the market.

Control access without adding complexity.

Save time and money by combining your access infrastructure with BIG-IP APM. Its scalability lets you consolidate your access gateways onto a single device or virtual edition, powered by a single policy engine.

BIG-IP APM integrates with the enterprise mobility management (EMM) products you already use for enhanced security and ease of use.

BIG-IP APM also has native VDI proxy support for Citrix, Microsoft, and VMware on both desktop and mobile devices. This reduces the complexity of your network design via infrastructure consolidation.

Consolidate and simplify access gateways

Password management: The struggle is real.

If your users have to create a password for every app they use, chances are they aren’t going to create a unique password every time. That makes it easier for attackers to break into your apps and steal your company’s data.

BIG-IP APM lets you federate user identity and enables single sign-on (SSO), simultaneously enhancing and securing access. And that’s true wherever your apps are located—data center, cloud, or hybrid environment.

Using the Security Assertion Markup Language (SAML) standard, BIG-IP APM—serving as both a SAML identity provider (IdP) and service provider—allows user credentials to remain safe and secure in one place, while a trusted token is passed to applications when a user signs in.

BIG-IP APM can also handle authentication to all your apps. It supports multiple authentication methods, including multi-factor authentication (MFA), so users sign in once and can securely access the apps they need to do their jobs—apps like Office or Office 365, Microsoft Exchange, SharePoint, Salesforce, and more—over all networks and from all devices.

 
CUSTOMER STORY

Overlake Medical Center

 

F5’s access security solution, together with VMware Horizon View, gives users at Overlake Hospital unified global access to applications—and gives IT centralized control of policies.

Read the customer story

Visual policy creation and management.

Just click, pick, and move.

BIG-IP APM includes the Visual Policy Editor (VPE), a graphical user interface that makes it easy to create, edit, and manage identity-aware, context-based policies—just click, pick, and move.

The VPE saves you time and hassle, as well as giving you a holistic view of your policies and how they’re connected across your network. You won’t find anything quite like it from any other access vendor.

Uniquely clear and simple APM Visual Policy Editor

Better together.

F5 products, technologies, and solutions work together to make sure your applications are always protected and work the way they should. Extend the effectiveness of BIG-IP APM by combining it with the following products.

Secure Web Gateway Services

Paired with BIG-IP APM, lets you create and administer policies to manage web access, as well as spot and block web-borne threats.

3Asset 3

Learn More

BIG-IP Application Security Manager (ASM)

Gives you the flexibility to deploy web application firewall (WAF) services close to apps, so they’re protected wherever they reside.

3Asset 3

Learn More

BIG-IQ Centralized Management

Helps you manage security policies and centralize reports and alerts across BIG-IP AFM and BIG-IP ASM.

3Asset 3

Learn More

Deploy however you want.


HARDWARE

Both the BIG-IP family of devices and the VIPRION chassis are purpose-built, powerful hardware that F5 software runs on.

Learn more >

SOFTWARE (Virtual Editions)

BIG-IP virtual editions have the same features as those that run on F5 purpose-built hardware—and you can deploy them on any leading hypervisor or select cloud providers.

Learn more >

CLOUD

F5 application services work exactly the same way in the public and private cloud as they do in the data center.

Learn more >

Features

Identity federation and single sign-on (SSO) >

Federates user identity, drives adaptive MFA, and supports SSO to applications on-premises, in the cloud, SaaS-based, and more. BIG-IP APM minimizes the time users spend logging into applications that each require separate credentials.

Fast, secure remote and mobile access>

Unifies identity- and context-aware, differentiated, anytime/anywhere remote access via SSL VPN. Its secure, adaptive per-app VPN capabilities ensure focused application access from mobile devices based on provisioning, endpoint posture, and more via seamless integration with EMM applications already deployed in your network.

Secure and manage web access>

Allows secure access and authentication to web and web-based applications. BIG-IP APM proxies web applications, providing authentication, authorization, and endpoint inspection. It enhances secure access to web-based applications via step-up authentication.

Support for desktop application and virtualization>

Enables simplified, seamless access to virtual apps through a single, consolidated gateway along with its native VDI support and a customizable, user-friendly webtop.

Integrated forward proxy support>

Delivers web-based malware protection and comprehensive URL filtering through Secure Web Gateway Services, a subscription- and time-based add-on. It’s the only web gateway that provides security against both inbound and outbound threats.

Centralized access policy deployment and management>

Integrates with the access component of BIG-IQ Centralized Management, so you can centrally deploy policies, centralize graphical reports and dashboards, and compile logs for analysis.

Best-in-class performance and scalability>

The most scalable access gateway available, BIG-IP APM supports up to 1,000,000 access sessions on a single BIG-IP device and up to 2,000,000 access sessions on a single VIPRION chassis.

The flexibility to customize>

F5's event-driven scripting language, iRules, gives you the flexibility to customize BIG-IP APM, while iApps—highly-configurable, administrator-defined application services templates—helps speed deployment and streamline operations.

Features

Identity federation and single sign-on (SSO)

Federates user identity, drives adaptive MFA, and supports SSO to applications on-premises, in the cloud, SaaS-based, and more. BIG-IP APM minimizes the time users spend logging into applications that each require separate credentials.

Fast, secure remote and mobile access

Unifies identity- and context-aware, differentiated, anytime/anywhere remote access via SSL VPN. Its secure, adaptive per-app VPN capabilities ensure focused application access from mobile devices based on provisioning, endpoint posture, and more via seamless integration with EMM applications already deployed in your network.

Secure and manage web access

Allows secure access and authentication to web and web-based applications. BIG-IP APM proxies web applications, providing authentication, authorization, and endpoint inspection. It enhances secure access to web-based applications via step-up authentication.

Support for desktop application and virtualization

Enables simplified, seamless access to virtual apps through a single, consolidated gateway along with its native VDI support and a customizable, user-friendly webtop.

Integrated forward proxy support

Delivers web-based malware protection and comprehensive URL filtering through Secure Web Gateway Services, a subscription- and time-based add-on. It’s the only web gateway that provides security against both inbound and outbound threats.

Centralized access policy deployment and management

Integrates with the access component of BIG-IQ Centralized Management, so you can centrally deploy policies, centralize graphical reports and dashboards, and compile logs for analysis.

Best-in-class performance and scalability

The most scalable access gateway available, BIG-IP APM supports up to 1,000,000 access sessions on a single BIG-IP device and up to 2,000,000 access sessions on a single VIPRION chassis.

The flexibility to customize

F5's event-driven scripting language, iRules, gives you the flexibility to customize BIG-IP APM, while iApps—highly-configurable, administrator-defined application services templates—helps speed deployment and streamline operations.