Your users expect full access.

So give it to them—securely.

Users expect easy access to the applications and data they need from any device and any location—whether those resources are in a data center, the cloud, SaaS-based, or a hybrid environment. Access isn’t negotiable.

The challenge is, to keep applications and data safe, you need to know where users are connecting from, what device they’re using, and what they’re trying to connect to.

BIG-IP Access Policy Manager (APM) contextually secures, simplifies, and protects user access to apps and data, while delivering the most scalable access gateway on the market.


Control access without adding complexity.

Save time and money by combining your access infrastructure with BIG-IP APM. Its scalability lets you consolidate your access gateways onto a single device or virtual edition, powered by a single policy engine.

BIG-IP APM integrates with the enterprise mobility management (EMM) products you already use for enhanced security and ease of use.

BIG-IP APM also has native VDI proxy support for Citrix, Microsoft, and VMware on both desktop and mobile devices. This reduces the complexity of your network design via infrastructure consolidation.


Password management: The struggle is real.

If your users have to create a password for every app they use, chances are they aren’t going to create a unique password every time. That makes it easier for attackers to break into your apps and steal your company’s data.

BIG-IP APM lets you federate user identity and enables single sign-on (SSO), simultaneously enhancing and securing access. And that’s true wherever your apps are located—data center, cloud, or hybrid environment.

Using the Security Assertion Markup Language (SAML) standard, BIG-IP APM—serving as both a SAML identity provider (IdP) and service provider—allows user credentials to remain safe and secure in one place, while a trusted token is passed to applications when a user signs in.

BIG-IP APM can also handle authentication to all your apps. It supports multiple authentication methods, including multi-factor authentication (MFA), so users sign in once and can securely access the apps they need to do their jobs—apps like Office or Office 365, Microsoft Exchange, SharePoint, Salesforce, and more—over all networks and from all devices.


Visual policy creation and management.

Just click, pick, and move.

BIG-IP APM includes the Visual Policy Editor (VPE), a graphical user interface that makes it easy to create, edit, and manage identity-aware, context-based policies—just click, pick, and move.

The VPE saves you time and hassle, as well as giving you a holistic view of your policies and how they’re connected across your network. You won’t find anything quite like it from any other access vendor.


Better together.

F5 products, technologies, and solutions work together to make sure your applications are always protected and work the way they should. Extend the effectiveness of BIG-IP APM by combining it with the following products..

Secure Web Gateway Services

Paired with BIG-IP APM, lets you create and administer policies to manage web access, as well as spot and block web-borne threats.

BIG-IP Application Security Manager (ASM)

Gives you the flexibility to deploy web application firewall (WAF) services close to apps, so they’re protected wherever they reside.

BIG-IQ Centralized Management

Helps you manage security policies and centralize reports and alerts across BIG-IP AFM and BIG-IP ASM.