Ads 468x60px

Featured Posts

20 May 2019

F5 BIG-IP APM – SSO for Terminal Services



F5 BIG-IP APM is a good alternative to the deprecated Juniper SSL VPN, which has been sold to Pulse Secure, because APM unifies SSL VPN services and the management of authentication and user accesses, integrating SSO Authentication and federation of identities services into the same solution. Therefore, F5 BIG-IP APM can be used for telecommuting as well as for Virtual Desktop Infrastructures (VDI) due to the fact that APM supports native VDIs such as Microsoft, VMWare and Citrix and also supports most authentication mechanisms (NTLM, Kerberos, SAML, digital certificates, tokens, OTPs, etc).

I made a video last week about Portal Access & Webtops and I would like to share a new video this week about Single Sign-On for Terminal Services. You will watch, it’s easy to configure SSO for Terminal Services but it’s a useful feature in most organizations for employees and partners who work from home, airport or wherever.


I think, it’s important to highlight that some extensions are needed when creating the SSL Certificate for the SSL Profile (Client) because the VDI Profile generates a cryptographic signature based on the attached client SSL Profile. However, if the SSL Certificate doesn’t have these extensions, there will be a message error when we connect to the Remote Desktop.

"The digital signature of this RDP File cannot be verified. The remote connection cannot be started".

 APM - User Defined RDP in version 13 - digital signature issue

I hope this video is useful for you. Regards my friends! Keep learning!

13 May 2019

F5 BIG-IP APM - Portal Access & Webtops



The last two weeks have been a little bit stressful but at the same time very rewarding. Firstly, I’ve had to make ready lots of F5 labs and slides because I’ve been the teacher of a F5 training. Secondly, it’s very rewarding because I’ve also learnt a lot thanks to the students’ questions. Actually, the first course week has been about F5 BIG-IP LTM Fundamentals while the second week has been about, three days of F5 BIG-IP LTM Advanced and two days of F5 BIG-IP APM.

We’ve talked about new technologies such as HTTP/2 and HSTS which could be interesting for new application deployments. We’ve also been speaking about advanced TCP options such as Multipath TCP, SACK, Long Fat Networks and the Nagle’s Algorithm. All of these concepts were new for students. They didn’t know anything about it. However, F5 BIG-IP has able to deliver applications with these TCP options. What’s more, F5 BIG-IP APM has able to deliver Access Portals with Single Sign-On (SSO) which is very useful for organizations who wants an unique web portal to access all internal applications with the same credentials. An access portal with SSO for applications is like Google does with all the applications.

Google Single Sign-On for Gmail Applications

I wrote about throw away your firewalls two summers ago when I read Google has an Access Portal with SSO for employees where they can work from Internet as they were inside the Google building. Therefore, we can watch in the next video how to configure an Access Portal, which can be configured along with SSO Authentication, where there are Webtops to access internal applications. F5 BIG-IP APM allows organizations to have an unique Access Portal with SSO Authentication to access all internal and external applications.


I hope this video is useful for you. I've learnt a lot!! Keep learning my friends!
Related Posts Plugin for WordPress, Blogger...

Entradas populares