Manual Chapter : BIG-IP Edge Applications

Applies To:

Show Versions Show Versions

BIG-IP APM

  • 11.6.5, 11.6.4, 11.6.3, 11.6.2, 11.6.1
Manual Chapter

Overview: Configuring APM for BIG-IP Edge Applications

A connectivity profile contains default settings for these mobile clients:

  • BIG-IP® Edge Client® for Android
  • BIG-IP Edge Portal® for Android
  • BIG-IP Edge Client for iOS
  • BIG-IP Edge Portal for iOS

The settings are security-related. They specify how to handle password caching (disabled by default in all cases), and device or PIN locking (enabled where supported). Customize the available settings to meet your requirements.

Task summary

Configuring security settings for iOS Edge Clients

You must create a connectivity profile before you start this task.
A connectivity profile automatically contains default settings for BIG-IP® Edge Client® for iOS clients. You update the settings to change the way password caching and on demand disconnect are handled.
  1. On the Main tab, click Access Policy > Secure Connectivity. A list of connectivity profiles displays.
  2. Select the connectivity profile that you want to update and click Edit Profile. The Edit Connectivity Profile popup screen opens and displays General Settings.
  3. From Mobile Client Settings in the left pane, select iOS Edge Client. Settings for the iOS Edge Client display in the right pane.
  4. If you want users to be able to save their passwords, select the Allow Password Caching check box.
  5. For Save Password Method, specify how to use password caching:
    • To allow the user to save the encrypted password on the device without a time limit, select disk.
    • To specify that the user password is cached in the application on the user's device for a configurable period of time, select memory.
    If you select memory, the Password Cache Expiration (minutes) field becomes available.
  6. If the Password Cache Expiration (minutes) field displays, type the number of minutes you want the password to be cached in memory.
  7. For Maximum Inactivity Time (minutes), retain the default 5, or type a different number of minutes.
  8. In the On Demand Disconnect Timeout (minutes) field, retain the default 2, or type a different number of minutes before VPN on demand times out.
  9. Click OK. The popup screen closes, and the Connectivity Profile List displays.
You have now customized the password caching and on demand disconnect settings for BIG-IP Edge Client for iOS clients.
To provide functionality with a connectivity profile, you must add the connectivity profile and an access profile to a virtual server.

Configuring security settings for Android Edge Clients

You must create a connectivity profile before you start this task.
A connectivity profile automatically contains settings for BIG-IP® Edge Client® for Android clients. You update the settings to change the way password caching and device locking are handled.
  1. On the Main tab, click Access Policy > Secure Connectivity. A list of connectivity profiles displays.
  2. Select the connectivity profile that you want to update and click Edit Profile. The Edit Connectivity Profile popup screen opens and displays General Settings.
  3. From Mobile Client Settings in the left pane, select Android Edge Client. Settings for the Android Edge Client display in the right pane.
  4. If you want users to be able to save their passwords, select the Allow Password Caching check box.
  5. For Save Password Method, specify how to use password caching:
    • To allow the user to save the encrypted password on the device without a time limit, select disk.
    • To specify that the user password is cached in the application on the user's device for a configurable period of time, select memory.
    If you select memory, the Password Cache Expiration (minutes) field becomes available.
  6. If the Password Cache Expiration (minutes) field displays, type the number of minutes you want the password to be cached in memory.
  7. Click OK. The popup screen closes, and the Connectivity Profile List displays.
  8. To enhance security on the client, retain the selection of the Enforce Device Lock check box (or clear the check box). This check box is selected by default. Edge Portal® and Edge Client support password locking, but do not support pattern locking. If you clear this check box, the remaining settings become unavailable.
  9. For Device Lock Method, retain the default numeric, or select a different method from the list.
  10. For Minimum Passcode Length, retain the default 4, or type a different passcode length.
  11. For Maximum Inactivity Time (minutes), retain the default 5, or type a different number of minutes.
  12. Click OK. The popup screen closes, and the Connectivity Profile List displays.
You have now customized the password caching and device lock settings for BIG-IP Edge Client for Android clients.
To provide functionality with a connectivity profile, you must add the connectivity profile and an access profile to a virtual server.

Configuring security settings for iOS Edge Portal clients

You must create a connectivity profile before you start this task.
A connectivity profile automatically contains settings for BIG-IP® Edge Portal® for iOS clients. You update the settings to change the way password caching and device locking are handled.
  1. On the Main tab, click Access Policy > Secure Connectivity. A list of connectivity profiles displays.
  2. Select the connectivity profile that you want to update and click Edit Profile. The Edit Connectivity Profile popup screen opens and displays General Settings.
  3. From Mobile Client Settings in the left pane, select Android Edge Portal. Settings for the Android Edge Portal display in the right pane.
  4. If you want users to be able to save their passwords, select the Allow Password Caching check box.
  5. For Save Password Method, specify how to use password caching:
    • To allow the user to save the encrypted password on the device without a time limit, select disk.
    • To specify that the user password is cached in the application on the user's device for a configurable period of time, select memory.
    If you select memory, the Password Cache Expiration (minutes) field becomes available.
  6. If the Password Cache Expiration (minutes) field displays, type the number of minutes you want the password to be cached in memory.
  7. Click OK. The popup screen closes, and the Connectivity Profile List displays.
  8. Specify security by keeping Enforce PIN Lock set to Yes. Edge Portal supports PIN locking, but does not support pattern locking.
  9. For Maximum Grace Period (minutes), retain the default 2, or type a different number of minutes.
  10. Select Yes or No from the Allow External Access list.
  11. For Maximum Inactivity Time (minutes), retain the default 5, or type a different number of minutes.
  12. Click OK. The popup screen closes, and the Connectivity Profile List displays.
You have now customized the password caching and pin lock settings for BIG-IP Edge Portal for iOS clients.
To provide functionality with a connectivity profile, you must add the connectivity profile and an access profile to a virtual server.

Configuring security settings for Android Edge Portal clients

You must create a connectivity profile before you start this task.
A connectivity profile automatically contains settings for BIG-IP® Edge Portal® for Android clients. You update the settings to change the way password caching and device locking are handled.
  1. On the Main tab, click Access Policy > Secure Connectivity. A list of connectivity profiles displays.
  2. Select the connectivity profile that you want to update and click Edit Profile. The Edit Connectivity Profile popup screen opens and displays General Settings.
  3. From Mobile Client Settings in the left pane, select Android Edge Portal. Settings for the Android Edge Portal display in the right pane.
  4. If you want users to be able to save their passwords, select the Allow Password Caching check box.
  5. For Save Password Method, specify how to use password caching:
    • To allow the user to save the encrypted password on the device without a time limit, select disk.
    • To specify that the user password is cached in the application on the user's device for a configurable period of time, select memory.
    If you select memory, the Password Cache Expiration (minutes) field becomes available.
  6. If the Password Cache Expiration (minutes) field displays, type the number of minutes you want the password to be cached in memory.
  7. Click OK. The popup screen closes, and the Connectivity Profile List displays.
  8. To enhance security on the client, retain the selection of the Enforce Device Lock check box (or clear the check box). This check box is selected by default. Edge Portal® and Edge Client support password locking, but do not support pattern locking. If you clear this check box, the remaining settings become unavailable.
  9. For Device Lock Method, retain the default numeric, or select a different method from the list.
  10. For Minimum Passcode Length, retain the default 4, or type a different passcode length.
  11. For Maximum Inactivity Time (minutes), retain the default 5, or type a different number of minutes.
  12. Click OK. The popup screen closes, and the Connectivity Profile List displays.
You have now customized the password caching and device lock settings for BIG-IP Edge Portal for Android clients.
To provide functionality with a connectivity profile, you must add the connectivity profile and an access profile to a virtual server.