Forum Discussion
JD1
Altostratus
AltostratusAPM - Multiple sessions per single VS and APM profile/policy.
Hi All, I've a scenario where multiple URLs land on a policy and the result is determind by the URL originally reached. As expected though, once the policy is completed for one browser session...
It is not dedicated only to SWG, you can use with APM also to improve security of a webtop for example. When you attach a per-request policy to your VS, all your client requests are evaluated by this policy.
With a URL_branching box at the begining of the policy, you can decide what action to perform (like a new authentication) according to the URL requested by the client. The session variable to use is "perflow.category_lookup.result.url". Hope it's clear.
Nicolas_Destor
Cirrostratus
CirrostratusHi,
In case you don't know, since v12 there is per-request policy functionality available that allow you to implement step-up authentication easily (using the same session).
You can find more information here: https://support.f5.com/csp/article/K42521259
JD1Altostratus
AltostratusMy understanding that per-request is for Secure Web Gateway use only, which is why it talks about categorization.
Correct me if I'm wrong on this, but I'm looking purely at an APM reverse proxy stand point to allow resources, but treat each application as a separately governed session.
- JD1
Also, just to tack on the end of my last message - If Per-Request were to work outside of SWG, I believe that's protecting sub-areas of the same application. In this case I'm presenting different applications per host header, which need to be evaluated individually for the entire application.
Many thanks,
JD