0 introduction, 1 scope of document, 2 prerequisites – HID ActivID 4TRESS AAA Server and F5 BIG-IP User Manual

ActivIdentity 4TRESS AAA Web Tokens and F5 APM | Integration Handbook

External Use | July 12, 2012 | © 2012 ActivIdentity

1.0 Introduction

The F5® Networks BIG-IP® Access Policy Manager (APM) is a software component of the BIG-IP hardware platform that provides users with secured connections to specific Web applications or the entire corporate network. By leveraging standard Web browsers and security technology, the APM enables your corporation or organization to provide users access to various internal resources easily and cost-effectively, with no special software or configuration on user systems.

The ActivIdentity solutions that work with F5 incorporate SSL VPN solutions with versatile, strong authentication that is flexible, scalable, and simple to manage. ActivIdentity offers two solutions:

- ActivIdentity® 4TRESS AAA Server for Remote Access—Addresses the security risks associated with a mobile workforce remotely accessing systems and data.

- ActivIdentity 4TRESS Authentication Server (AS)—Offers support for multiple authentication methods that are useful for diverse audiences across a variety of service channels (SAML, RADIUS, etc.), including user name and password, mobile and PC soft tokens, one-time passwords, and transparent Web soft tokens.

1.1 Scope of Document

This document explains how to set up ActivIdentity 4TRESS AAA Web token authentication with the F5 APM. Use this handbook to enable authentication via a Web soft token for use with an SSL-protected F5 VPN.

1.2 Prerequisites

- The ActivIdentity 4TRESS AAA Server is up-to-date (v6.7) with LDAP users and groups already configured.

- F5 BIG-IP APM version 11.1.x installed and configured.

- The Web soft token is configured to work with or without a PIN.

- Users have static LDAP passwords for access to the Self Help Desk to enroll Web tokens.

- The F5 login page has been customized (illustrated in this handbook).

Note: Using F5 double authentication (an LDAP password plus a one-time password) is optional. You can configure the sign-in page so that users use a static LDAP password instead of the Web soft token PIN.