F5 Synthesis: Supersizing Application Access Services

#SDAS #IAM #IoT #Mobile The new requirements for app delivery include a focus on hyperscaling access to applications.

A plurality (48%) of enterprises deliver between 1 and 500 applications to consumers and employees. A somewhat surprising 21% deliver more than 1000 applications every day*.

Consider, now, the possible combinations (or is it permutations, I always mix those two up) that can be formed along with the increasing number of devices/connections per consumer and employee (predicted to hit 5 per individual by 2017 by Cisco). Oh, and don't forget to consider the potential impact from the Internet of Things. Things that need access to applications and data controlled by corporate access policies.

As you've probably already surmised, traditional access control technology isn't going to scale well in the face of that many potential entry points into the organization. In many cases, even modern access control solutions aren't going to scale - operationally or technologically - to meet that kind of demand.

Application access must not only scale; it has to hyper scale if organizations are going to meet this particularly application delivery challenge.

Part of the reason for this need to hyperscale access is the need to govern both on-premise and off-premise (i.e. cloud) based applications. A recent survey from Intermedia found 89% of respondents "retained access (that is, a valid login and password) to at least one application from a former employer. They named nearly every major app you can think of: Basecamp, Shopify, Desk.com, Office 365, Google Apps, MailChimp, Wordpress, and many more." Modern application access strategies must be able to better control access to these types of applications as well as the traditional internal intranet, productivity and back-office applications.

Hyperscaling access is as much about reach as it is capacity, and it was a focus of recently enhanced services in our portfolio of Software Defined Application Services (SDAS). 

Supersized Software Defined Application Services

With the latest update to BIG-IP we gained some significant supersizing for services. Driven by continued growth in mobility, cloud and recognizing the coming impact of the Internet of Things, we've enhanced our Access and Identity Services both to enable service hyperscale and better support cloud applications and mobile devices.

  • Hyperscale for the device explosion
    F5 Access and Identity services can provide up to 2 million access sessions, connecting more users through a single instance - physical or virtual - than any other solution.
  • Extend and secure single sign-on (SSO)
    F5 Access and Identity services can help alleviate potential bottlenecks caused by browser restrictions on SAML messages with SAML Artifact Binding and extends SSL support for forms which are automatically populated and submitted. This ensures the security of SSO, limits restrictions on SSO, and simplifies SSO for automatic forms.
  • Increase user productivity by extending device availability to remote desktops
    F5 Access and Identity services delivers near-ubiquitous access to MS RDP, increasing user remote access and productivity through support for new platforms (e.g. iOS, Android, Wyse zero clients), and non-Windows platforms (Mac OS, Linux) where only Java-based clients are currently supported. APM also enables access to newer MSRDP functionality, such as multi-monitor support, etc.
  • Simplify secure authentication while enhancing user experience
    F5 Access and Identity services enhance the user experience, decreases human error, and eases authentication and support headaches, by dynamically detecting installed RSA SecurID software tokens, and after prompting the user for their PIN, automatically retrieving the randomly generated passcodes, simplifying authentication. It also enables touch-less user access for Windows devices.
  • Streamline user workflow with cutting-edge SSO support
    F5 Access and Identity services are the only services to extend single sign-on (via SAML) to include client-based applications and other browser-less environments, including desktop applications and server code in web apps, by supporting SAML ECP profiles, enhancing user experience, simplifying user workflow, and increasing user productivity and usability. Many applications, including Microsoft Outlook, are adding support for ECP profiles.

But it's not just about Access and Identity services. One of the biggest impact of more connections and more devices and more applications is the need to locate them in the first place. Without DNS services, the rest is almost irrelevant. The first point of contact is always DNS and F5 ensures that not only is access and identity able to scale to meet the forthcoming challenges but so is DNS.

Already significantly supersized with its capacity to maintain 9.2 billion concurrent connections to apps, F5 ups the ante with a significant improvement to its core DNS response capability. Able to scale up to 40 M query responses per second (RPS), F5 Availability services can simultaneously fend off DNS DDoS, support new apps and services and prevent outages across your DNS infrastructure.

It is almost an axiom that in the enterprise, you can only add more applications and infrastructure, you never take away from what's already deployed. With every new technological shift has come an explosion of new applications that bring with them threats and challenges that must be addressed. Cloud, mobility and the Internet of Things are certainly proving this to be a truism, and it is increasingly the case that application access must be able to meet that challenge.

F5 Synthesis Software Defined Application Services ensure that F5 Access and Identity services are able to to that so you can deliver applications without constraints anywhere, any time, to anyone.

Additional Resources:


* From the forthcoming F5 State of App Delivery 2014.

Published Sep 10, 2014
Version 1.0

Was this article helpful?

No CommentsBe the first to comment