APM Question -> Remember my computer/device ?

jona187_168823 · ‎20-May-2015

Can APM remember a device after an initial logon?

For example, if I login to a device using token and AD credentials, I get access to the resources behind the APM.

Now for the second time with the same machine, can it just go through....kind of like Google's remember my computer or does this require a second party app for risk based authentication?

Seth_Cooper · ‎20-May-2015

Hi,

You should be able to use an iRule to store a key/value pair of machine name and user name. You would then have logic in the VPE and iRules to allow access if the machine had a corresponding username in the table.

I would suggest to use client certificates instead as machine names could be spoofed really easy.

Seth

jona187_168823 · ‎20-May-2015

Where is this tabled stored ?

In memory or somewhere physical?

I can't do machine certs, because it would be for both trusted and non trusted devices. Can the APM provision certs to devices that pass a strong multifactor challenge>?

Seth_Cooper · ‎20-May-2015

The table is stored in memory.

The APM cannot provision certs to devices.

Your best bet is to use some location aware service for authentication like Toopher or one of the other mobile apps that provide this type of access.

-Seth

jona187_168823 · ‎21-May-2015

Thanks Seth.

Roman_ · ‎26-Oct-2022

hello,

anyone have solution/irule for this case?

DevCentral

APM Question -> Remember my computer/device ?

MFA required on DevCentral