It is always a challenge to secure applications from insecure or untrusted clients, LAN/Remote users and unknown users who are continuously accessing the applications. Access Policy Manager (APM) is the centralized access security solutions which provides multiple services to protect and manage customer applications. In simple words we can say APM provides –
- Centralized Access to Applications
- Secure Application Access Anytime and
- Access to the application from anywhere.
This module has various numbers of features and benefits: –
SSO (Single Sign-On) – Users are automatically signed on to back-end applications. This provides a seamless authentication flow after a user has been authenticated through a supported user-authentication mechanism. BIG-IP APM also delivers smart card support with credential providers, so that users can connect their devices to the network before signing in
SSL VPN – Customer can do SSL VPN whether it is web-based or Site VPN. Customer may have services/resources in their backend and don’t what to provide full access to some users, in this case APM can restrict their access to limited application.
MFA (Multifactor Authentication) – for username/password/token/push notification of mobile device.
Multi-Vendor VDI support including VMware View, Citrix Xen App, Microsoft RDP and Java RDP clients.
Let’s further understand one use case of APM – Suppose you have office 365 in the cloud, users coming to APM, APM then authenticates them with Active directory of any authentication process ( could AAA, Radius etc ) and then according to defined policy ,SAML re-directs them to Office 365, so that users gets connected with Office 365.
Below is a simple way to understand the request flow through which APM progress.