BIG-IP Access Policy Manager (APM) secures and differentiates access to your applications, data, network, and the cloud based on user identity and context. That means it gives you centralized control over who’s able to access your network or cloud, which applications they can access, and the devices and locations they can access those apps from.
In short, BIG-IP APM unifies and enforces identity-based, context-aware, and policy-driven application access control—regardless of the location of the user or the application.
BIG-IP APM protects your public-facing applications via Layer 4 and Layer 7 dynamic access control lists (ACLs) created based on user and group identity, as well as contextual attributes, including device type and security posture, location, and other attributes pulled from your directory. Together with BIG-IP Edge Client, BIG-IP APM enables secure mobile and remote access to corporate resources such as Microsoft Exchange, SharePoint, and VDI, wherever they may be located.
BIG-IP APM enhances security and simplicity for a variety of end-user business apps from VMware, Microsoft, and Citrix. It also supports email, calendar, and contact synchronization for Microsoft Exchange on mobile devices. And, BIG-IP APM integrates seamlessly with Oracle Access Manager (OAM).
BIG-IP APM federates user identity across multiple domains using numerous authentication and attribute-sharing standards and protocols, including SAML 2.0.
BIG-IP APM supports connections initiated by SAML identity providers (IdPs) and service providers (SPs), extending secure single sign-on (SSO) capabilities to SaaS, cloud-based, web-based, and virtual applications; remote access (VPN) authentication and authorization; and client-based apps and browser-less environments.
With BIG-IP APM, it’s faster and easier to provision and de-provision user access to resources, no matter where they’re located.
BIG-IP APM supports up to 500,000 access sessions available on a single BIG-IP appliance or up to 2,000,000 access sessions on a VIPRION platform.
Use BIG-IP APM’s Visual Policy Editor (VPE) to intuitively create, edit, deploy, and manage granular, dynamic access control policies on an individual or group basis.
BIG-IP APM consolidates access infrastructure and management, eliminates redundant tiers, and reduces CapEx and OpEx, while giving you a centralized view of your entire authorization infrastructure.
F5's event-driven scripting language, iRules, gives you the flexibility to customize BIG-IP APM functionality, while iApps help you speed deployment and streamline operations by providing an app-centric view of application management and delivery.
Encrypted SSL VPN, DTLS, comprehensive endpoint security and posture checks, application tunnels, and optimized site-to-site encryption deliver secure app, network, and cloud connectivity and access from anywhere on virtually any device.
Taps into existing authentication, authorization, and accounting (AAA) servers to support dynamic identity- and context-aware policy creation and enforcement.
Case Study: Overlake Medical Center
APM enhances security and simplicity for end-user computing applications such as VMware Horizon View, Mirage and Workspace, Microsoft RDP, ActiveSync and Outlook Anywhere, as well as Citrix virtual desktop applications. It also supports the synchronization of email, calendar, and contacts with Microsoft Exchange on mobile devices. In addition, F5 APM integrates with Oracle Access Manager (OAM).
Robert Teller | 2 months ago
Technical Challenge F5 like most large enterprises organizations require Two-Factor Authentication (TFA) for employee remote connectivity. To meet this requirement IT integrated BIG-IP Access Policy Manager with a third-party vendor that provides...
Jason Rahm | 4 months ago
Duo Security integrates into F5 BIG-IP Access Policy Manager as a full featured two factor authentication solution and offers inline self-enrollment and an interactive, user-friendly login experience that enables the user to select from a wide...
Jason Rahm | 5/11/2015
Recently we released the F5 BIG-IP TMOS: Operations Guide and now we’re excited to introduce the first version of the F5 BIG-IP Access Policy Manager Operations Guide.
This guide covers the gamut, including:
Peter Silva | 4/23/2015
F5 Worldwide Security Evangelist, David Holmes, talks about why the internet is going SSL Everywhere. He explains why there’s been a surge in encrypted traffic and reveals some interesting statistics from his ongoing research on the SSL protocol....
Joe Pruitt | 4/2/2015
If you have anything to do with developing products or working in IT helping to deploy and run them, chances are you have heard the term "DevOps" in one form or another. Just like the ubiquitous "Cloud" floating out in the Internet somewhere, DevOps has become a catch-all phrase for anything that is Developer or Operations related.