BIG-IP Access Policy Manager (APM) secures and differentiates access to your applications, data, network, and the cloud based on user identity and context. That means it gives you centralized control over who’s able to access your network or cloud, which applications they can access, and the devices and locations they can access those apps from.
In short, BIG-IP APM unifies and enforces identity-based, context-aware, and policy-driven application access control—regardless of the location of the user or the application.
BIG-IP APM protects your public-facing applications via Layer 4 and Layer 7 dynamic access control lists (ACLs) created based on user and group identity, as well as contextual attributes, including device type and security posture, location, and other attributes pulled from your directory. Together with BIG-IP Edge Client, BIG-IP APM enables secure mobile and remote access to corporate resources such as Microsoft Exchange, SharePoint, and VDI, wherever they may be located.
BIG-IP APM enhances security and simplicity for a variety of end-user business apps from VMware, Microsoft, and Citrix. It also supports email, calendar, and contact synchronization for Microsoft Exchange on mobile devices. And, BIG-IP APM integrates seamlessly with Oracle Access Manager (OAM).
BIG-IP APM federates user identity across multiple domains using numerous authentication and attribute-sharing standards and protocols, including SAML 2.0.
BIG-IP APM supports connections initiated by SAML identity providers (IdPs) and service providers (SPs), extending secure single sign-on (SSO) capabilities to SaaS, cloud-based, web-based, and virtual applications; remote access (VPN) authentication and authorization; and client-based apps and browser-less environments.
With BIG-IP APM, it’s faster and easier to provision and de-provision user access to resources, no matter where they’re located.
BIG-IP APM supports up to 500,000 access sessions available on a single BIG-IP appliance or up to 2,000,000 access sessions on a VIPRION platform.
Use BIG-IP APM’s Visual Policy Editor (VPE) to intuitively create, edit, deploy, and manage granular, dynamic access control policies on an individual or group basis.
BIG-IP APM consolidates access infrastructure and management, eliminates redundant tiers, and reduces CapEx and OpEx, while giving you a centralized view of your entire authorization infrastructure.
F5's event-driven scripting language, iRules, gives you the flexibility to customize BIG-IP APM functionality, while iApps help you speed deployment and streamline operations by providing an app-centric view of application management and delivery.
Encrypted SSL VPN, DTLS, comprehensive endpoint security and posture checks, application tunnels, and optimized site-to-site encryption deliver secure app, network, and cloud connectivity and access from anywhere on virtually any device.
Taps into existing authentication, authorization, and accounting (AAA) servers to support dynamic identity- and context-aware policy creation and enforcement.
Case Study: Overlake Medical Center
APM enhances security and simplicity for end-user computing applications such as VMware Horizon View, Mirage and Workspace, Microsoft RDP, ActiveSync and Outlook Anywhere, as well as Citrix virtual desktop applications. It also supports the synchronization of email, calendar, and contacts with Microsoft Exchange on mobile devices. In addition, F5 APM integrates with Oracle Access Manager (OAM).
John Wagnon | 4 months ago
The Security Assertion Markup Language (SAML) allows you to simplify access control and management of your applications. Once upon a time, you would need a separate username/password database for each application you hosted. Now, with the use of SAML, you can consolidate everything into one place and reduce the management and security headache of it all...
Robert Teller | 9/25/2015
Technical Challenge F5 like most large enterprises organizations require Two-Factor Authentication (TFA) for employee remote connectivity. To meet this requirement IT integrated BIG-IP Access Policy Manager with a third-party vendor that provides...
Jason Rahm | 7/27/2015
Duo Security integrates into F5 BIG-IP Access Policy Manager as a full featured two factor authentication solution and offers inline self-enrollment and an interactive, user-friendly login experience that enables the user to select from a wide...
Jason Rahm | 5/11/2015
Recently we released the F5 BIG-IP TMOS: Operations Guide and now we’re excited to introduce the first version of the F5 BIG-IP Access Policy Manager Operations Guide.
This guide covers the gamut, including:
Peter Silva | 4/23/2015
F5 Worldwide Security Evangelist, David Holmes, talks about why the internet is going SSL Everywhere. He explains why there’s been a surge in encrypted traffic and reveals some interesting statistics from his ongoing research on the SSL protocol....