F5 Privileged User Access (PUA) - Overview

The F5 Privileged User Access (PUA) solution provides an easy way to add CAC/PKI authentication or other strong authentication methods to network infrastructure and systems that do not natively support this functionality. It does this without requiring the addition of client software or agents anywhere in the environment and allows you to fully leverage your legacy or non-compliant systems in a safe and secure manner. It integrates directly into DoD PKI or MFA systems and may be configured to work cooperatively with existing TACACS, Active Directory, AAA servers, or a variety of third-party authentication databases.

F5 PUA is DoD CIO approved as an Identity Federation Service for facilitating both privileged and unprivileged user authentication to unclassified and secret fabric DoD Information Systems.

Identity Federation Services (IFS) are third-party intermediary services that facilitate user authentication to resources or relying parties. An IFS may be used when a system or application does not support direct authentication with PKI or MFA credentials, or when the system owner wants a single management framework for a group of heterogeneous systems.

F5 Certifications

  • DoD UC APL
  • FIPS 140-2 Validated - Level 1, 2, or 3 depending on platform selection. F5 offers software (VE), F5 Full-Box FIPS platforms, integrated (HSM PCI Card), and external (Network HSM) FIPS solutions
  • Common Criteria Certification
  • NSA Commercial Solutions for Classified (CSfC) Components List
  • DISA/JITC PKE (public key enabled)
  • United States Government IPv6 Conformance Certification (USGv6)

F5 PUA Requirements

To deploy the F5 PUA solution, you need the following:

  • F5 BIG-IP Access Policy Manager (APM)
  • iRules LX licensed and provisioned
  • F5 PUA platform and device licenses
  • Docker environment to install the F5 PUA UI