BIG-IP Access Policy Manager
PRODUCT OVERVIEW
�Weve built an iron fence
around our web application
with BIG-IP APM. It not only
secures the application; it helps
us manage the traffic and the
user experience.
Geoff Preston, CTO of Content Direct at CSG
Achieve Unified Access Control and
Scale Cost-Effectively
Key benefits
Provide unified global access
Achieve dynamic, centralized access control
Consolidate your infrastructure
and simplify management
Ensure superior security
Obtain flexibility, high performance,
and scalability
Today, business resources, such as applications and data, are accessed inside and
outside the traditional business perimeter. Local and remote employees, partners,
and customers often access applications without context or security. A central
policy control point delivers access based on context and is critical to managing
a scalable, secure, and dynamic environment.
BIG-IP Access Policy Manager (APM) is a flexible, high-performance access
and security solution that provides unified global access to your applications
and network. By converging and consolidating remote access, LAN access, and
wireless connections within a single management interface, and providing easyto-manage access policies, BIG-IP APM can help you free up valuable IT resources
and scale cost-effectively.
�Provide unified global access
BIG-IP APM protects your public-facing
applications by providing policy-based,
context-aware access to users while
consolidating your access infrastructure.
It also provides secure remote access to
corporate resources from all networks and
devices. BIG-IP APM is the first remote
access solution that is truly IPv6 ready.
Consolidate and simplify
BIG-IP APM helps you consolidate your
infrastructure and simplify access
management by providing centralized
authentication, authorization, and accounting
(AAA) control directly on the BIG-IP system.
BIG-IP APM integrates with Oracle Access
Manager. It simplifies virtual application
deployment by supporting Citrix XenApp
and XenDesktop, VMware View, and
Microsoft Remote Desktop Protocol, all in
one webtop. With BIG-IP APM, you can
consolidate and unify elements such as
access, security, and policy management to
help further reduce costs.
the inspection, an application tunnel can be
provided to access a particular application
without opening a full network access tunnel.
Achieve dynamic, centralized access
control
Obtain flexibility, high performance,
and scalability
BIG-IP APM provides dynamic access control
by selecting L4 and L7 access control lists
(ACLs) based on user identity, IP address, and
other attributes. With unified access control,
administrators are able to create a single
policy for all access methods or create unique
policies depending on access method,
device, user group, or other benchmarks.
BIG-IP APM is available in three deployment
optionsas an add-on module for
BIG-IP Local Traffic Manager (LTM)
for protecting Internet-facing applications,
delivered in BIG-IP Edge Gateway
for accelerated remote access, and run
on BIG-IP LTM Virtual Edition to deliver
flexible application access in virtualized
environments.
Ensure superior security
BIG-IP APM can deliver an inspection engine
through the browser to examine the security
posture of a device, including attributes
such as MAC address, CPU ID, and HDD ID.
It determines whether the device is part of
the corporate domain, and then it adds the
results to access policies. If an endpoint fails
BIG-IP APM features
BIG-IP APM offers SSL offload at network
speeds and supports up to 800 logins per
second. For growing companies, BIG-IP
APM scales quickly and cost-effectively to
support up to 100,000 concurrent users
on a chassis platform or 60,000 concurrent
users on a single high-end appliance.
Learn more
Access
Application tunnels
Network, application, and portal access
Dynamic webtops based on user identity
IPv6 ready for all access modes
Virtual keyboard support
SSL VPN remote access (BIG-IP Edge Client)
Protected workspace
SSL VPN client access from iOS, Android,
Mac, Windows, and Linux
IP geolocation agent in Visual Policy Editor
Custom and built-in reports
Location awareness and auto-connect
AAA server support and high availability
Acceleration
Access mgmt for Citrix remote desktops
Hardware acceleration over DTLS
Native support for Microsoft RDP client
L7 Rate Shaping
Kerberos SSO support
SSL offload
Integration with Oracle Access Manager
Caching and compression
Microsoft ActiveSync and Outlook
Anywhere support
Flexibility
N-factor authentication
iRules
Credential caching and proxying for SSO
Integration with other BIG-IP modules
For more information about BIG-IP APM,
use the search function on f5.com to find
these resources.
Datasheets
BIG-IP Access Policy Manager
BIG-IP Add-On Modules
White paper
BIG-IP Version 10.1: An Integrated
Application Delivery Architecture
Isolated resource allocation (vCMP)
Security
iApp for pre-configured policies
SSL VPN encryption
Endpoint inspection
Split SSL within a secured connection
F5 Networks, Inc. 401 Elliott Avenue West, Seattle, WA 98119
F5 Networks, Inc.
Corporate Headquarters
[email protected]F5 Networks
Asia-Pacific
[email protected]
888-882-4447
F5 Networks Ltd.
Europe/Middle-East/Africa
[email protected]
www.f5.com
F5 Networks
Japan K.K.
[email protected]
2011 F5 Networks, Inc. All rights reserved. F5, F5 Networks, the F5 logo, and IT agility. Your way., are trademarks of F5 Networks, Inc. in the U.S. and in certain other countries. Other F5 trademarks are identified
at f5.com. Any other products, services, or company names referenced herein may be trademarks of their respective owners with no endorsement or affiliation, express or implied, claimed by F5. CS04-00011 1211
