Forum Discussion
2 Replies
- kunjanNimbostratus
Assume you intend to use APM for this. You can follow the 'Portal' configuration for this.
http://support.f5.com/kb/en-us/products/big-ip_apm/manuals/product/apm-portal-access-11-5-0/2.html
- Kevin_StewartEmployee
If I may add, the term "reverse proxy" really refers to a broader category than just what APM provides. In a nutshell, a reverse proxy is a proxy that accepts an unlimited quantity of requests for a limited quantity of services. In that respect, aside from its basic load balancing duties, the Local Traffic Manager (LTM) module, and indeed the platform itself, IS a reverse proxy. If you define an LTM VIP such that external users access an internal service through that VIP, you've created a reverse proxy. APM can add layers of authentication and access control ON TOP OF that reverse proxy, and to some great extent provide its own "authentication proxy". Those layers could include:
-
AAA (Authentication, Authorization, Accounting) services - the client side methods that allow APM to authenticate incoming users by a variety of technologies
-
SSO (Single Sign-On) - services to provide server side authentication
-
Network (tunnel) Access - a full SSLVPN
-
Application (tunnel) access - a partial (potentially per-app) SSLVPN
-
Portal rewrite - a mechanism to obfuscate access to internal resources through an APM-hosted "portal" page
-
Any combination of the above
So to answer your question, it would be important to know what your requirements are, as the possibilities could be virtually endless.
-