For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

wesleyvdzalm_25's avatar
wesleyvdzalm_25
Icon for Nimbostratus rankNimbostratus
Mar 15, 2016

Some questions about SSL VPN

Hi All,   I have some questions about the SSL VPN solution that F5 networks offers. This are questions that I couldnt find on the website. Hopefully someone can help me out answering does question...
application delivery
BIG-IP
Secure Web Gateway
security
Yann_Desmarest's avatar
Yann_Desmarest
Icon for Cirrus rankCirrus
Mar 15, 2016

Hello,

 

Endpoint Check is a feature available on APM, you can configure it within your authentication workflow (VPE) and check an option to continously check the endpoint after authentication has been successful.

 

The Visual Policy Editor (VPE) allow you to define granular authentication policies. So point 2) can be achieved by F5 APM.

 

Advertising multiple URL is fine. But technically, advertising multiple certificates based on URL is more difficult. You can do it using different hostname on several VIPs or on a single VIP using SSL SNI option for example

 

When a session is closed, cached session variable are deleted. But keep in mind that some information stay accessible in logs. Moreover, cookie information are handled by the client. When closing the session properly, F5 APM force the browser to delete cookies on the client side. You can also use the "Cache cleaner" feature which is part of the Endpoint Security set of features