Thanks again Matt. So from what I can tell the options are:
- Leave the options unticked and continue with direct connection but get a certificate error.
- Use the blast secure gateway with my broker - possibly with additional connection servers.
- Put everyone through APM.
Option one isn't doable as this is a business system and I can't have certificate errors.
Option two is possible.
Option three I'd need to consider as the APM for externals has 2FA which I wouldn't want for internals.
With regards option two can I sanity check this with you?
- Internals - LTM - connection server A with blast gateway in use
- Externals - APM - connection server B with blast gateway unticked
Does that look right?