F5 APM- 15 Use Cases

I’m working a lot these days with F5 APM. You will have watched all videos I’ve uploaded to my YouTube Channel. F5 APM is a module few people know it. It’s a module which is more than a VPN. It’s a module which is useful for many other use cases. I’m going to write today about use cases. You will read all the use cases where F5 APM can help you. Maybe, you know some of them, but others will be new for you.

Identity federation, SSO and Network Access are common use cases. Identity federation is an use case useful when we want to verify user identity (authentication) and control (authorization) the resources each user can access from a centralized system (IdP) to access to other systems (SP). SSO is increasingly used to avoid users write the credentials again and again to access the systems. Network Access is a tunnel mode SSL VPN.

Per-Application VPN, Application tunnel and Web Access Management are also three interesting use cases. Per-Application VPN is an use case mainly for mobile applications and MDM solutions, where we can apply per-user bandwidth policies and, in addition, only data relevant will be sent to the internal network. Application tunnel is like Network Access. However, Application tunnel have lower overhead in connection establishment, lower client module complexities, and faster application connections when compared to Network Access. Web Access Management (also called LTM+APM) provides authenticated access to internal resources.

Per-Application VPN

 

Portal Access, Citrix integration and VMware View support are also use cases we can configure with F5 APM. I think Portal Access is one of the most configured use case. It can provide clientless access to internal web resources. Portal Access is like Web Access Management. However, Portal Access rewrites page content. Citrix integration and VMware View support are also interesting because we can replace some of its core services with F5 APM.

VMware View support

Do you want more use cases? Exchange proxy, Webtop and ACLs. F5 APM can be configured as an Exchange proxy to secure remote access for all Microsoft Exchange services. You will also configure Webtop. It’s really interesting to have a customizable landing page with icons to access to web internal services. ACLs are less used. They can be used to restrict user access to specified internal hosts, ports and/or URIs. In addition, we can even store ACLs in an LDAP, RADIUS, or Active Directory server to apply ACLs dynamically to users. It sounds interesting!

Finally, there are three more use cases I would like to write about it. Step-up authentication use case is useful when we want to apply a time-limited policy to a user for accessing to areas of an application. Forward proxy, along with Secure Web Gateway (SWG) subscription, enforces access controls and implements a compliance policy for Internet access. F5 APM supports OAuth 2.0. Therefore, it can also be configured as an OAuth Authorization Server or an OAuth Client.

Fifteen use cases where F5 APM fits your needs! Take into account all the things F5 APM can do for you! Regards! Take care!