Manual Chapter :
Creating an access profile for ephemeral authentication
Applies To:
Show Versions
BIG-IP APM
- 17.1.2, 17.1.1, 17.1.0, 17.0.0, 16.1.5, 16.1.4, 16.1.3, 16.1.2, 16.1.1, 16.1.0, 16.0.1, 16.0.0
Creating an access profile for ephemeral authentication
You create an access profile to specify an
access policy for traffic that requires ephemeral authentication.
- On the Main tab, click .The Access Profiles (Per-Session Policies) screen opens.
- ClickCreate.The New Profile screen opens.
- In theNamefield, type a unique name for the access profile.
- For theProfile Type, selectAll.
- Leave theProfile Scope, set toProfile.
- ForCustomization Type, selectModern.You can also useStandardbutModerncustomization is simpler and provides better compatibility for modern cross-platform and cross-device applications.
- On the right of Settings, selectCustom.
- ForInactivity Timeout, shorten the time, for example, to 300 sec (5 min) or an appropriate value shorter than the default.
- ForMaximum Session Timeout, shorten the time, for example, to 36000 sec (10 hours) or an appropriate value shorter than the default.
- If using SSO (Basic Authentication or Form-Based SSO only), you need to have created an SSO Configuration; in theSSO Configurationfield, select the configuration.
- In the Language Settings area, add and remove accepted languages, and set the default language.If no browser language matches one in the accepted languages list, the browser uses the default language.
- ClickFinished.
The access profile displays in the Access Profiles List. Default-log-setting is
assigned to the access profile. Using shorter values for the Inactivity Timeout and the
Maximum Session Timeout prevents malicious users from accessing multiple WebSSH
resources and maintaining long-lived connections.
