Manual Chapter : Creating an access profile for ephemeral authentication

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 16.0.0
Manual Chapter

Creating an access profile for ephemeral authentication

You create an access profile to specify an access policy for traffic that requires ephemeral authentication.
  1. On the Main tab, click
    Access
    Profiles / Policies
    .
    The Access Profiles (Per-Session Policies) screen opens.
  2. Click
    Create
    .
    The New Profile screen opens.
  3. In the
    Name
    field, type a unique name for the access profile.
  4. For the
    Profile Type
    , select
    All
    .
  5. Leave the
    Profile Scope
    , set to
    Profile
    .
  6. For
    Customization Type
    , select
    Modern
    .
    You can also use
    Standard
    but
    Modern
    customization is simpler and provides better compatibility for modern cross-platform and cross-device applications.
  7. On the right of Settings, select
    Custom
    .
  8. For
    Inactivity Timeout
    , shorten the time, for example, to 300 sec (5 min) or an appropriate value shorter than the default.
  9. For
    Maximum Session Timeout
    , shorten the time, for example, to 36000 sec (10 hours) or an appropriate value shorter than the default.
  10. If using SSO (Basic Authentication or Form-Based SSO only), you need to have created an SSO Configuration; in the
    SSO Configuration
    field, select the configuration.
  11. In the Language Settings area, add and remove accepted languages, and set the default language.
    If no browser language matches one in the accepted languages list, the browser uses the default language.
  12. Click
    Finished
    .
The access profile displays in the Access Profiles List. Default-log-setting is assigned to the access profile. Using shorter values for the Inactivity Timeout and the Maximum Session Timeout prevents malicious users from accessing multiple WebSSH resources and maintaining long-lived connections.