F5 BIG-IP Access Policy Manager (APM)
Remote desktop software
Multi-factor authentication (MFA) software
Single sign-on (SSO) solutions
Network access control software
Identity management software
Network security software
- Features
- Ease of use
- Ease of management
- Quality of support
- Affordability
- Market presence
Take the quiz to check if F5 BIG-IP Access Policy Manager (APM) and its alternatives fit your requirements.
Contact the product provider
Free Trial
Free version unavailable
Small
Medium
Large
-
What is F5 BIG-IP Access Policy Manager (APM)
F5 BIG-IP Access Policy Manager (APM) is an access and identity security module for the BIG-IP platform that provides secure remote access, application access control, and centralized policy enforcement. It is used by IT and security teams to publish internal web apps and virtual desktops, enforce authentication (including MFA), and apply context-based access policies for users and devices. APM commonly serves as a VPN replacement or complement, and as a front door for enterprise applications integrated with directory services and identity providers. It is typically deployed as an appliance or virtual edition and managed as part of the BIG-IP ecosystem.
Centralized access policy enforcement
APM provides a single policy engine to control access to multiple internal applications and resources. Administrators can apply step-up authentication, endpoint posture checks, and per-app authorization rules from one place. This helps standardize access controls across different user groups and application types. It fits organizations that need consistent policy enforcement at the network edge.
Broad enterprise authentication integrations
APM supports common enterprise identity sources and federation patterns, including integration with directory services and SSO methods used for web applications. It can act as an access gateway in front of apps without requiring changes to each application. This is useful in environments with a mix of legacy and modern applications. It also supports MFA workflows through built-in methods and integrations.
Remote access for apps and desktops
APM can provide secure remote access to internal web applications and virtual desktop resources through a gateway approach. It supports use cases where organizations need controlled access without exposing internal networks broadly. Compared with general-purpose remote support tools, it focuses on enterprise access control and policy rather than ad-hoc technician-to-endpoint sessions. This aligns with regulated or segmented network environments.
Complex deployment and operations
APM is typically implemented as part of the BIG-IP platform, which can require specialized skills to design, deploy, and maintain. Policy configuration, authentication flows, and troubleshooting often involve multiple components and detailed networking knowledge. Organizations without existing BIG-IP expertise may face longer implementation timelines. Ongoing changes can require careful change control to avoid access disruptions.
Not a full IAM suite
APM focuses on access gateway functions (authentication, authorization, and session control) rather than full identity lifecycle management. It does not replace systems used for provisioning/deprovisioning, identity governance, or HR-driven identity workflows. Customers may still need separate tools for identity administration and governance. This can increase overall architecture complexity when broader IAM capabilities are required.
Licensing and platform dependency
APM is licensed as a BIG-IP module and is tied to the BIG-IP deployment model (appliance/virtual/cloud images). Total cost and scalability planning depend on BIG-IP sizing, throughput, and user/session licensing considerations. This can be less straightforward than SaaS-first access products with per-user pricing. Vendor-specific platform dependency can also affect long-term flexibility.
Plan & Pricing
| Plan / Packaging | Price (official site) | Key features & notes |
|---|---|---|
| Good (GBB bundle) | Not published — contact F5 sales | Intelligent local traffic management (basic LTM capabilities). APM is not part of Good. Source: F5 Perpetual Licensing page. |
| Better (GBB bundle) | Not published — contact F5 sales | Good capabilities + advanced application delivery optimization. APM may be available as a separate module (see notes). Source: F5 Perpetual Licensing page. |
| Best (GBB bundle) | Not published — contact F5 sales | Includes advanced access management and security functionality; BIG-IP Access Policy Manager (APM) is listed under Best. Source: F5 Perpetual Licensing page. |
| BIG-IP APM module (standalone or add-on) | Not published — contact F5 sales | Available as a module for BIG-IP hardware, VIPRION, or as a virtual edition (VE). Licensing models listed on official site: perpetual (GBB bundles and module), VE subscriptions, cloud marketplace, and ELAs. Official site does not publish per-seat or list prices; contact F5/reseller for quotes. Sources: F5 BIG-IP APM product page; Perpetual Licensing page; BIG-IP APM datasheet. |
| BIG-IP VE / Cloud marketplace (APM enabled on VE) | Not published — contact F5 sales / marketplace | BIG-IP VE is offered as subscription/marketplace images; trials available. Pricing details are handled via VE subscription or cloud provider marketplace. Source: F5 Perpetual Licensing & Trials pages. |
Seller details
F5, Inc.
Seattle, Washington, USA
1996
Public
https://www.f5.com/
https://x.com/f5
https://www.linkedin.com/company/f5/
