Big IP APM EAP-TLS integration

Dear all,

 

I am looking for a way to implement the APM with two factor authentication for different remote clients(Windows, Iphone, Symbian etc). Now I am thinking about deploying a Microsoft Network Policy Server (NPS) for RADIUS authentication and a Certificate Authority(CA) for certificate distribution, because we would like to use EAP-TLS as the authentication protocol. This protocol is more secure than PEAP for example.

 

Anyone experience with this setup? Can anyone share some information or links with information I can use in the designing process?

 

Any help will be appreciated.

 

Thanks,

 

Marvin