What is a Visual Policy Designer flow?¶
A flow is a collection of flows and rules that determine the actions that an Access policy performs. BIG-IP Next Central Manager includes a number of flows that provide reuseable sections that you insert into the Visual Policy Designer as needed. For example, Active Directory Auth and Resources is a pre-configured flow. It supplies a logon rule, an Active Directory authentication rule, and a resource assignment rule. The properties for the rules are configurable.
After you decide which flow you need next, you place it into an Access policy by dragging it to the point in the policy at which you wish to insert it.
A flow contains rules and can include other flows.
Nested flows in an Access policy¶
In a BIG-IP Next Access policy, a flow can call another flow until up to ten flows have been called in series. A flow cannot call itself.
Default Flows¶
The following flows are included with BIG-IP Next Central Manager.
| Flow Name | Description |
|---|---|
| Empty | This is the most basic flow. It contains no other flows or rules and contains one ending. This flow is useful for starting a policy. |
| Basic-SAML-Authentication | This is a simple SAML flow. It contains the SAML Auth Rule and includes only basic settings. |
| Browser Detection | This is a simple flow designed to help users identify common web browsers. |