Forum Discussion

Nimbostratus

Jul 24, 2016

APM with external Logon page

In our case APM+LTM acts as reverse proxy and https offloading. So far it also does authentication to Active Directory. What are the security implications of using external logon page/web site instea...

application delivery

BIG-IP Access Policy Manager (APM)

security

boneyard

MVP

Jul 24, 2016

as so often it depends:

if you run the external page on a raspberry pi with an unpatched apache connected via a 3G modem then you are quite susceptible for hacking / ddos.

if you place the website behind the LTM/APM that is currently in place the difference is quite small. as long as the server is maintained well.

if you run the external page on a well configured and regularly patched webserver, protected by a WAF and via an internet line protected by cloud based scrubbing service then it might be better.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)