You can configure Access Policy Manager® (APM®) to act as a Policy Enforcement Point (PEP) in place of PingAccess agents installed on web servers. In this case, APM intercepts client requests to web applications, and queries PingAccess servers for policy decisions. APM then enforces the policy decisions that the PingAccess server provides, such as these:
Infrastructure for a PingAccess deployment might include one or more PingAccess servers with zero or more agents configured on each one. Before you start to configure Access Policy Manager® (APM®) for PingAccess, download agent properties files from PingAccess servers. If PingAccess servers are deployed in a cluster, you need only one agent properties file per agent instance.
For more information, refer to PingAccess Deployment Guide, which is available from Ping Identity.
A PingAccess agent properties file can include only one SSL certificate. When importing the PingAccess agent properties file, Access Policy Manager® (APM®) can also import the SSL certificate. With the certificate imported, APM creates a server SSL profile and specifies the SSL certificate in the Trusted Certificate Authorities field.
For more information, refer to BIG-IP® System: SSL Administration on the AskF5™ web site located at support.f5.com/.
If APM imported the server SSL certificate from the PingAccess agent properties file, the profile name matches the properties file name.