F5 BIG-IP Access Policy Manager

BIG-IP Access Policy Manager (APM) is a flexible, high-performance solution for control of remote access and information security support.

By means of consolidation of functions of access control to applications and network within the single interface of management, at the expense of simple in management the politician of access, the BIG-IP APM system helps to save working time of IT personnel and to scale a system by the easiest and profitable way.

BIG-IP Access Policy Manager (APM), 2014

The product BIG-IP APM is placed between applications and users, creating a strategic point of management in network. This device provides access to external users on the basis of flexibly configured security policies. The device is the full-fledged hub SSL VPN capable to process up to 200,000 user connections at the same time.

Scheme of interaction BIG-IP Access Policy Manager (APM), 2014

Support of technology of a uniform input (Single Sign-On, SSO) gives the chance to users to perform an input in all applications by means of one identifier that considerably increases convenience of work and reduces time of access to applications.

The product BIG-IP APM can work as as the independent SSO solution, and to be integrated with products of other producers. Oracle and Microsoft recommend to use BIG-IP APM for ensuring failsafe scalable access and significant increase in number of at the same time supported user sessions.

Using BIG-IP APM creation and editing the politician of access of any level of complexity in the graphical interface of the visual editor the politician is possible.

Visual editor politician of access, 2014

For authentication and authorization of users the ability to integrate with different servers of authorization, such as Active Directory, LDAP and RADIUS and also two-factor authentication using Google Authenticator tokens is possible is implemented RSA SecurID, Aladdin and Rutoken.

Consolidation of control functions by AAA infrastructure in a single system allows to provide the centralized visual media control of authorization, to exclude excess levels and to simplify management, considerably having reduced the volume of capital and operating costs.

For April 28, 2015 the solution BIG-IP APM supports work, both with desktop, and with all mobile devices, by means of availability of the software of the client applications prepared practically for all widely used stationary and mobile operating systems.

At connection of the user to network or the application there is a possibility of additional access control by means of execution the politician and checks of the user devices on compliance to security policies of the company (the version of OS, existence of an antivirus, relevance of anti-virus bases, membership in the domain, register contents, etc.). Depending on results of check a system can appoint dynamic access lists for providing the due security level. The functionality of creation of the protected working space is maintained — the user cannot save files outside this space, and the created locally temporary files and folders are removed at completion of a session.

Use of the Secure Web Gateway (SWG) add-on module helps to provide access control of users in the Internet. The software module of SWG works in the mode of proxying of the user traffic and controls access for users to different Internet resources, provides protection against a phishing and the malware. As a part of the module regularly updated base from more than 40 million categorized websites that allows to block access to Internet resources on the basis of content placed there.