-
-
-
- Gestion du trafic
- Équilibrage de charge L7 programmable
- Équilibrage de charge du serveur global
- DNS Delivery
- Policy Enforcement
- Sécurité des applications
- Web Application Firewall
- Identity and Access Management
- SSL Orchestration
- Infrastructure Security
- L4 Firewall
- Anti-DDoS
- Automation, Orchestration, and Management
- Automation Toolchain
- Container Ingress Services
- BIG-IQ Centralized Management
- Beacon Visibility and Analytics
- NGINX Controller
-
- Cloud Services (aaS)
- DNS Cloud Service
- DNS Load Balancer Cloud Service
- Essential App Protect Service
- Logiciels cloud
- BIG-IP Cloud Edition
- BIG-IP Virtual Edition
- NGINX Plus
- NGINX OSS
- NGINX Unit
- Matériel
- BIG-IP iSeries Appliances
- BIG-IP VIPRION Chassis and Blades
- Managed Services
- Silverline Web Application Firewall
- Silverline DDoS Protection
-
-
Authentication in Context: Add the Right Controls for Every User
Applications have escaped from the data center. Your business may have applications running in many different environments serving users who switch between locations and devices rapidly. As your infrastructure evolves to meet the challenges of this dispersed, interconnected world, you need to re-evaluate your authentication and access management solutions.
Are usernames and passwords sufficient for a world where hackers are constantly trying to steal passwords through software or social engineering? Should you treat a user on a corporate-managed machine on a company site the same as you would a user coming in using their personal device from a café on the other side of the world? While the easy answer to these questions is “no,” the idea of actually doing anything about the situation might seem overwhelming. The good news: finding solutions to difficult problems is what IT is all about.
For critical systems, simple usernames and passwords might be too weak to be the only authentication method. For the new world of the dissolved perimeter, you need context. Where is the connection coming from; is the source IP address suspicious? Is it a corporate-managed device? What time of day is it? Once you have a solution that can capture and use that contextual intelligence, you can decide which controls to apply to any given situation.
Do you need two-factor authentication? One-time passwords or a flat denial? With a flexible authentication solution, you can apply different controls to the same user depending on where they are, what device they are using, and when they are attempting access. This gives you the control to impose the correct level of authentication while minimizing the friction for valid users as they log into systems. A key factor here is single sign-on; once your users have authenticated once, they can be seamlessly signed into other applications for a set period of time.
The technology to implement this kind of solution is essentially an intelligent authentication proxy. This kind of service provides a centralized user login facility, which establishes a user’s identity in one or more ways, then proceeds to authenticate them into different applications, possibly by dissimilar authentication schema.
To function efficiently, this service requires several features: compatibility with a number of authentication systems, an easy-to-configure access policy, and the ability to authenticate users into a range of applications. Add in some centralized management and you have a comprehensive access and identity solution that is ready to provide secure and appropriate access control for your applications—no matter where they are.