Manual :
BIG-IP Access Policy Manager: Third-Party Integration
Applies To:
Show Versions
BIG-IP APM
- 13.1.1, 13.1.0
Original Publication Date: 12/19/2017
- Shaping Citrix Client MultiStream ICA Traffic
- APM Integration with Oracle Access Manager
- Integrating APM with Oracle Access Manager
- VMware Horizon View Requirements for APM Integration
-
Authenticating Standalone View Clients with APM
-
Overview: Authenticating View Clients with APM
- About the iApp for VMware Horizon View integration with APM
- About APM support for VMware View USB redirection
- About ACLs to control access from remote desktop resources
- Creating a pool of View Connection Servers
- Configuring a VMware View remote desktop resource
- Configuring a full webtop
- Creating an access profile
- Verifying log settings for the access profile
- Creating an access policy for View Client authentication
- Configuring USB redirection and passing variables to a Start Session Script
- Creating a connectivity profile
- Verifying the certificate on a View Connection Server
- Configuring an HTTPS virtual server for View Client authentication
- Configuring a UDP virtual server for PCoIP traffic
- Configuring virtual servers that use a private IP address
- Configuring APM for non-default port on VMware Horizon View
-
Overview: Authenticating View Clients with APM
-
Presenting a View Desktop on an APM Webtop
-
Overview: Accessing a View Desktop from an APM webtop
- About client requirements to launch View Client from a webtop
- About APM support for VMware View USB redirection
- About SSO and Horizon View HTML5 client
- About the iApp for VMware Horizon View integration with APM
- About ACLs to control access from remote desktop resources
- Creating a pool of View Connection Servers
- Configuring a VMware View remote desktop resource
- Configuring a full webtop
- Creating an access profile
- Verifying log settings for the access profile
- Creating an access policy for a dynamic webtop
- Assigning resources to the access policy
- Configuring USB redirection and passing variables to a Start Session Script
- Creating a connectivity profile
- Verifying the certificate on a View Connection Server
- Configuring an HTTPS virtual server for a dynamic webtop
- Configuring a UDP virtual server for PCoIP traffic
- Configuring virtual servers that use a private IP address
- Configuring APM for non-default port on VMware Horizon View
-
Overview: Accessing a View Desktop from an APM webtop
- Tips for Standalone View Client and Dynamic Webtop Integration
-
Integrating APM with VMware Identity Manager
-
Overview: Processing VDI traffic for VMware Identity Manager
- VMware Identity Manager and DNS configuration requirements
- Configuring forms-based SSO for VMware Identity Manager
- Configuring an access profile for VMware Identity Manager
- Configuring an access policy for SSO
- Creating a pool for VMware Identity Manager
- Configuring an HTTPS virtual server
- Configuring a UDP virtual server for PCoIP traffic
- VMware clients and APM integration with VMware Identity Manager
-
Overview: Processing VDI traffic for VMware Identity Manager
-
Smart Card Authentication for VMware View Clients
- About APM configurations that support VMware smart card use
-
Overview: Supporting smart card SSO for VMware View
- About standalone View Client on the webtop and smart card SSO
- About Horizon HTML5 Client and smart card authentication
- About virtual servers required for View Client traffic
- Creating a client SSL profile for certificate inspection
- Creating a virtual server for a BIG-IP (as SAML IdP) system
-
Configuring IdP service for VMware View smart card SSO
- Exporting unsigned SAML IdP metadata from APM
- Adding an artifact resolution service to the IdP metadata
- Creating an iRule to respond with IdP metadata to a URI
- Establishing APM as a trusted SAML IdP for VMware Horizon View
- Importing VMware VCS metadata to create an SP connector
- Binding a SAML IdP service to one SP connector
- Configuring a VMware View resource for smart card authentication
-
Creating an access profile
- Example: Smart card authentication required for View clients
- Example: Smart card authentication optional for View clients
- Example: Two-factor authentication with smart card for View clients
- Creating an access policy for VMware View smartcard authentication
- Using variable assign to extract the UPN from the SSL certificate
- Updating the Access Policy settings and resources on the virtual server
- Configuring a UDP virtual server for PCoIP traffic
- Configuring virtual servers that use a private IP address
-
Overview: Supporting smart card authentication for VMware View
- About standalone View Client and smart card authentication
- About browser-based access and smart card authentication for VMware
- About Horizon HTML5 Client and smart card authentication
- About virtual servers required for View Client traffic
- Creating a client SSL profile for certificate inspection
- Creating a virtual server for a BIG-IP (as SAML IdP) system
- Configuring IdP service for VMware View smart card authentication
- Exporting unsigned SAML IdP metadata from APM
- Adding an artifact resolution service to the IdP metadata
- Creating an iRule to respond with IdP metadata to a URI
- Establishing APM as a trusted SAML IdP for VMware Horizon View
- Configuring a SAML SP connector for VMware VCS
- Binding a SAML IdP service to one SP connector
- Configuring a VMware View resource for smart card authentication
- Creating an access profile
- Updating the Access Policy settings and resources on the virtual server
- Configuring a UDP virtual server for PCoIP traffic
- Configuring virtual servers that use a private IP address
- Overview: Giving APM users time for smart card authentication
-
Integrating APM with PingAccess Servers
-
Overview: Integrating APM with PingAccess
- Prerequisites for PingAccess integration
- PingAccess SSL certificates and BIG-IP configuration
- Uploading PingAccess agent properties to APM
- Configuring a local traffic pool of PingAccess servers
- Creating a PingAccess profile for APM authentication
- Configuring a pool of web application services to protect
- Creating a virtual server for a PingAccess profile
- Troubleshooting SSL handshake failure
- Modifying APM logging for PingAccess profile
-
Overview: Integrating APM with PingAccess
-
Using APM as a Gateway for RDP Clients
-
Overview: Configuring APM as a gateway for Microsoft RDP clients
- About supported Microsoft RDP clients
- About Microsoft RDP client login to APM
- Configuring an access profile for resource authorization
- Verifying log settings for the access profile
- Configuring an access policy for resource authorization
- Creating an access profile for RDP client authorization
- Verifying log settings for the access profile
- Configuring an access policy for an RDP client
- Configuring a machine account
- Creating an NTLM Auth configuration
- Maintaining a machine account
- Configuring a VDI profile
- Creating a connectivity profile
- Creating a custom Client SSL profile
- Creating a virtual server for SSL traffic
- Implementation result
- Overview: Processing RDP traffic on a device configured for explicit forward proxy
-
Overview: Configuring APM as a gateway for Microsoft RDP clients
-
APM as an Active Directory Federation Services (AD FS) Proxy
- About APM support for AD FS proxy
- AD FS versions that APM supports as an AD FS proxy
- Overview: Configuring APM as an AD FS proxy
- Overview: Using alternate port for client certificate authentication (AD FS 3.0 or 4.0)
- Overview: Using alternate hostname for client certificate authentication (AD FS 4.0)
- Overview: Configuring APM to support AD F5 device registration (Workplace Join)
- Overview: Securing browser access to AD FS with an access policy
- Configuring AAA Servers in APM
- Configuring MS OFBA for Sharepoint in APM
- Webtop Sections
- Logging and Reporting
- Resources and Documentation
- Legal Notices
