Forum Discussion

adnankhan1's avatar
adnankhan1
Icon for Nimbostratus rankNimbostratus
Dec 23, 2019

APM Query- Access to authorized users only

Dear Experts,

 

One of the prospects is looking for a solution in which they want to make sure that application/server access to users are only granted if user has authenticated on the network. Now this could be any NAC or F5 APM (so far i dont know). Is it possible? just to make sure if make my query clear, user should be ABLE TO ACCESS the resource only if he/she has authenticated. In this case i am assuming that applications will need to check back to APM (or other 3rd party server) to see if user is successfully authenticated? but i am confused how an application would do it?

 

Not sure, any body has any pointers please guide

APM
security

2 Replies

Sort By
  • Niels_van_Sluis's avatar
    Niels_van_Sluis
    Icon for MVP rankMVP
    Dec 24, 2019

    Like you mentioned you can use F5 APM for this. If the environment for example consists of domain joined endpoints, you could enable Kerberos Authentication within APM, and only allow access to the backend applications if the user has successfully logged in to a domain joined endpoint. This is just one example. APM covers a lot of different authentication methods.

  • adnankhan1's avatar
    adnankhan1
    Icon for Nimbostratus rankNimbostratus
    Dec 24, 2019

    Dear Niels,

     

    Thanks for your prompt feedback. Customer is concerned about internal users only. For now remote access vpn are not being considered. So in this case (since i am new to APM and f5 altogether) BIG-IP will be placed inline so that all the traffic is routed to BIP and then to applications?

     

    Also please confirm that this authentication process will be transparent to actual applications/servers?