ZeroTrust-F5 BIG-IP APM-Idp Integration-Cisco vManage

Zero Trust is a high-level approach that believes that persons, devices, and services seeking to access corporate resources, including those within the network, cannot be trusted automatically. To improve security, certain users are confirmed each time they seek access, even if they have previously been authorized.

In this lab we would learn how we could authenticate users where Cisco vManage allows administrators to configure Single Sign-on through BIG-IP APM acting as Idp (Identity Provider). 

Integrating with F5 BIG-IP APM as Idp, we are able to use a wide range of authentication methods and Multi-Factor Authentication techniques to enhance admins secure access.

Below are the main parts:  

1- Identity Provider (Idp): In our case, F5 acts as Idp that integrate with different authentication services with MFA if required.

2- Service Provider (SP): In our case, Cisco vManage.

3- Users: Whether admins, guests or operator level users, they are the one initiating the access and providing the credentials.

The goal of the lab is to configure BIG-IP APM as Idp (Identity Provider) to authenticate users to login to Cisco vManage configured as service provider for ZeroTrust enablement

F5 BIG-IP APM(Access Policy Manager)

Cisco vManage