Forum Discussion

Cirrostratus

Dec 20, 2016

Security considerations for APM portal access

Security considerations for APM portal access We are publishing an application through APM with a portal access for the first time. With no ASM in front, are there any security aspects we ...

application delivery

BIG-IP Access Policy Manager (APM)

portal

security

Lucas_Thompson_

Historic F5 Account

For security in Portal Access, we generally recommend against proxying the internet, so keep it to internal applications using the split settings in the rewrite profile, so that you're only rewriting your domain.

So:

Split, ACLs. Those are probably the two biggest concerns.

AndOs

Cirrostratus

Dec 22, 2016

Thanks!

Are URIs compared first against the rewrite and bypass list and then ACLs? Or how does the split setting in rewrite profile work together with ACLs?

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Security considerations for APM portal access

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

F5 BIG-IP in Cisco ACI Multi-Site and Multi-Pod - Design Considerations

F5 Security Podcasts

Certifications for security professionals

API security

Ensuring Security in Continuous Integration and Continuous Deployment (CI/CD) Pipelines

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS