What is Application Access Management (AAM)?

The Need for Simplified Centralized Authentication

Authentication and authorization are critical requirements for online communications. With more and more remote transactions from e-commerce based electronic funds transfers to remote healthcare diagnostics to inter-governmental diplomatic communiques taking place over the public internet, the parties involved must be validated.

The ongoing shift towards cloud services, BYOD devices and social networks from internal and external web-based access has substantially increased the difficulties in how administrators oversee IT security. Yet employees, partners, customers, and vendors alike now demand secure access to a growing range of applications – from any location and on any device. Often these are mission-critical business applications such as Oracle, SAP, SharePoint, and Microsoft Exchange.

To protect application servers and other resources from unauthorized access, organizations turn to strong authentication and authorization. This requires the implementation of identity-based access controls. Identity and access management (IAM) solutions help ensure this necessary asset protection while certifying regulatory compliance.

Application Access Management (AAM): Augment, Offload and Consolidate Access Control

Authentication is a critical requirement for online communications. It is imperative that both clients and their target recipients verify their respective identities. Systems must be established that guarantee authenticity, ensure an excellent end user experience and scale to meet the accelerating demands of heightened data center security.

Read the Solution Brief

How A10 Networks Supports Application Authentication and SSO

A10 Networks Thunder® Application Delivery Controller (ADC) line of application delivery controllers with an application access management (AAM) module enables IT administrators to deploy an authentication offload solution that optimizes and enforces authentication, authorization, and centralized policy access management for client-server traffic, eliminating the need to maintain separate authentication points on each web server. Application access management integrates with authentication servers, identity data stores, and applications to authenticate users and enforce access privileges.

Benefits of Application Access Management

• Offloads authentication processing from web and application servers
• Consolidates multiple authentication points to simplify access management
• Supports extensive authentication services and enables single sign-on for multiple applications
• Maximizes uptime and scale through server load balancing
• Safeguards server infrastructure with multiple layers of protection
• Provides granular access control

Supported Methods

With application access management, the A10 Networks Thunder® ADC acts as an edge authentication for web services. Application access management supports all major authentication schemes including SAML-based SSO, third-party identity providers, HTTP authentication (basic, negotiate NTLM/Kerberos), built-in and custom web form and certificate validation methods including Online Certificate Status Protocol (OCSP) for seamless sign-on of mobile devices and computers using certificate-based authentication. Application access management also supports common authentication server protocols including LDAP, RADIUS, RSA SecurID, TDS SQL, Kerberos, NTLM and client certificate authentication.