Our Experience with F5 BIG-IP Access Policy Manager
We use BIG-IP Access Policy Manager for a couple different use cases within our organization. We use it both for providing all employees …
Overview
What is F5 BIG-IP Access Policy Manager (APM)?
F5 Networks provides BIG-IP Access Policy Manager as an identity and access solution which can be deployed as a standalone solution or as an add-on to F5 Networks' flagship BIG-IP TLM or F5 Advanced WAF applications.
Recent Reviews
Reviewer Pros & Cons
Pricing
N/A
Unavailable
What is F5 BIG-IP Access Policy Manager (APM)?
F5 Networks provides BIG-IP Access Policy Manager as an identity and access solution which can be deployed as a standalone solution or as an add-on to F5 Networks' flagship BIG-IP TLM or F5 Advanced WAF applications.
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting/Integration Services
Would you like us to let the vendor know that you want pricing?
17 people also want pricing
Alternatives Pricing
What is GoodAccess?
GoodAccess is a cloud VPN with zero-trust access controls specially designed for small and medium businesses. GoodAccess is a secure remote access solution that interconnects remote workers, applications, data centers, clouds, and offices via one resilient virtual network. No hardware or complex…
What is NetScaler Gateway?
NetScaler Gateway (formerly Citrix Gateway) is an access gateway with SSL VPN solution, providing single sign-on (SSO) and authentication for remote end users of network assets.
Product Details
- About
- Integrations
- Competitors
- Tech Details
- Downloadables
- FAQs
What is F5 BIG-IP Access Policy Manager (APM)?
F5® BIG-IP® Access Policy Manager® (APM) is an access management proxy solution managing global access to the user's network, the cloud, applications, and application programming interfaces (APIs). Through a single management interface, BIG-IP APM consolidates remote, mobile, network, virtual, and web access. BIG-IP APM can also serve as a bridge between modern and classic authentication and authorization protocols and methods. For applications which are unable to support modern authentication and authorization protocols, like SAML and OAuth with OIDC, but which do support classic authentication methods, BIG-IP APM converts user credentials to the appropriate authentication standard supported by the application.
Identity Aware Proxy is key to both a Zero Trust security architecture and to F5 BIG-IP APM. BIG-IP APM and F5 Access Guard deliver Identity Aware Proxy using a Zero Trust validation model on every application access request. Providing authenticated and authorized users secure access to specific applications, it leverages F5 best-in-class access proxy. BIG-IP APM centralizes user identity and authorization. Authorization is based on the principles of least privileged access.
F5 BIG-IP Access Policy Manager (APM) Features
- Supported: Support for Identity Aware Proxy (IAP) enabling Zero Trust application access
- Supported: Context-based authorization with dynamic L4/L7 ACLs
- Supported: Seamless integration with third-party MFA solutions
- Supported: DTLS 2.0 mode for delivering and securing applications
- Supported: SAML 2.0 identity federation support
- Supported: Support for OAuth 2.0 authorization protocol
- Supported: SSO support for classic authentication (Kerberos, header- based, etc.), credential caching, OAuth 2.0, SAML 2.0, and FIDO2 (U2F)
- Supported: Granular access policy enforcement
- Supported: AAA server authentication and high-availability
- Supported: Integration with leading IAM vendor products (Microsoft, Okta, Ping Identity)
- Supported: BIG IP Edge Client and F5 Access integrate with VMware Horizon ONE (AirWatch), Microsoft Intune and IBM MaaS360
- Supported: Risk-based access leveraging third-party UEBA and risk engines (HTTP Connector)
- Supported: Scales up to 2 million concurrent access sessions
F5 BIG-IP Access Policy Manager (APM) Integrations
F5 BIG-IP Access Policy Manager (APM) Competitors
F5 BIG-IP Access Policy Manager (APM) Technical Details
| Operating Systems | Unspecified |
|---|---|
| Mobile Application | No |
F5 BIG-IP Access Policy Manager (APM) Downloadables
Frequently Asked Questions
F5 Networks provides BIG-IP Access Policy Manager as an identity and access solution which can be deployed as a standalone solution or as an add-on to F5 Networks' flagship BIG-IP TLM or F5 Advanced WAF applications.
NetScaler ADC, Ivanti Connect Secure, and Zscaler Private Access are common alternatives for F5 BIG-IP Access Policy Manager (APM).
The most common users of F5 BIG-IP Access Policy Manager (APM) are from Enterprises (1,001+ employees).
Comparisons
Compare with
Reviews and Ratings
(21)Reviews
(1-10 of 10)Companies can't remove reviews or game the system. Here's why
February 13, 2024
Our Experience with F5 BIG-IP Access Policy Manager
We use BIG-IP Access Policy Manager for a couple different use cases within our organization. We use it both for providing all employees within the company secure VPN access to company resources while working remote. We also use it to provide a more heavily secured webtop for very specific high-security applications within certain segments of our network that need to be more controlled.
- Simple pushing of updates out to user workstations
- Easy to add new tiles to our webtop for new resources
- Ease of use of the Edge Client is a big point of satisfaction with users
- CCU Licenses are limited by device and are not shared between APM devices
- User sessions are not stored globally, so persistence can be an issue with users all over the world
- Configuration can get complicated when split up between multiple sites
Pre-authenticated access to critical applications on premise. It provide secure access to our critical services we publish to our internet community.
- SSO authenticated access
- Complex decision making access permission
- Easy to use interface
- Easy to interpret policies
February 13, 2024
Network access controls with F5 BIG-IP Access Policy Manager
I am using F5 BIG-IP Access Policy Manager (APM) for authentication services for distributors and end customer and this will give authentication and access based on profiles, also for network access control in place for organizational level
- access based on user levels
- Network access controls
- Difficult to route the traffic on clusters due to policy verification as the traffic will rote to node after completion of access policy
August 22, 2023
F5 BIG-IP features visibility
We have create source and destination base policy with load balancing and it is working fine than any other product. Even link failover and high latency features working fine. Also SSL VPN connection through load balancing feature support through DNS So without manual interruption SSL VPN Working fine incas of link failover.
- Source and destination IP Base policy
- Source and application base policy
- Ssl VPN with load balancing and fail over policy working fine.
- When u leave it for long enough it get disconnected
- GUI Not loos friendly
- Reporting not good
April 28, 2023
Nice product!
F5 BIG-IP Access Policy Manager is used by Zions to authorize VPN access.
- Simple single sign on
- Remote VPN access
- Easy to manage
- Access denials
- Authentication problem
- Connectivity
We use F5 BIG-IP APM to secure our applications. We also use to implement two-factor authentication for our VPN and allow RDP/SSH access to our users. It is the one-stop portal for all our users who are outside the university. We also deploy app tunnels and any specific user IP port access.
- Remote Access to the local computer.
- Application Security.
- Authentication.
- Two Factor Authentication Implementation.
- UI/UX can be quick and modern.
- The application hosting is not one-click.
- You cannot observer the changes done for external users internally.
July 19, 2022
F5 Big IP- Big value for Access Policy Management
It helps to maintain a secure connection to our different sites from the outer world. Availability for centralized management and easy deployment is the main factor for considering this product. The product can be scaled to any larger environment and it works seamlessly. We already using SSO for all our applications in our company and this tool support SSO through SAML out of the box.
- Ease the process in different policy creation
- API protection
- Employs Advanced Web Application firewall
- Auto reconnect feature can be improved once network is restored.
- Readability of logs can be improved when troubleshooting.
- Central Management console can be added with more insights and dashboards.
July 19, 2022
F5 BIG-IP APM Review at a glance
We use APM to interconnect our in-house / ERP application with other 3rd party apps. We use this so we can be confident that our network is well secure and protected as we have adopted the zero trust policy. Configuring APM requires a bit of technical knowledge which is not easy for every administrator. Challenges we face are having the right resources while on leave etc. The F5 Big-IP is an amazing product that helps us secure our environment by providing enterprise-level load balancing capabilities which help us deploy patches etc. The dashboard also helps us understand the trends.
- SAML 2.0 identity federation support.
- Integrates with third-party SSO solutions.
- Bridging modern authentication and authorization (SAML, OAuth/OIDC) and classic authentication and authorization methods.
- Policy routing
- Hard to use
- Access Guided Configuration (AGC) should be improved
July 19, 2022
Review - F5 BIG-IP Access Policy Manager (APM)
F5 BIG-IP Access Policy Manager (APM) is a standard solution to manage access across the network. It has novel features that enable organizations like us control access for applications and all this with high performance. Of course, the cost is something that is worth arguing about otherwise, F5 Big-IP is an excellent access control solution.
- Application access management
- Ease of administration for the administrator
- Wide variety of scope coverage including on-premises, cloud, data center etc.
- Cloud service management and control can certainly get better
- Solution is expensive
- While the customer support is good, there is room for forum discussions that have a good turn-around time for queries.
We use the APM to consolidate remote, mobile, network, virtual desktops, and web access. We use it as an authentication module for connections going throughout virtual servers. We have our primary website sitting behind the F5.
- Secures access to apps, APIs & data.
- Simplifies and centralizes access to apps, APIs & data.
- Authentication module for connections.
- Policy writing is somewhat complex for the novice.
- Some kind of training is a necessity.