F5 BIG-IP Access Policy Manager (APM) enhances access management by offering remote application access through SSL VPN, secure access verification, and login capabilities. Its user-friendly interface and robust security ensure efficient scalability and performance.
| Product | Mindshare (%) |
|---|---|
| F5 BIG-IP Access Policy Manager (APM) | 1.5% |
| Zscaler Internet Access | 10.0% |
| Cisco Umbrella | 9.7% |
| Other | 78.8% |
| Type | Title | Date | |
|---|---|---|---|
| Category | Secure Web Gateways (SWG) | Jun 23, 2026 | Download |
| Product | Reviews, tips, and advice from real users | Jun 23, 2026 | Download |
| Comparison | F5 BIG-IP Access Policy Manager (APM) vs Cisco Umbrella | Jun 23, 2026 | Download |
| Comparison | F5 BIG-IP Access Policy Manager (APM) vs Fortinet FortiGate | Jun 23, 2026 | Download |
| Comparison | F5 BIG-IP Access Policy Manager (APM) vs Zscaler Internet Access | Jun 23, 2026 | Download |
| Title | Rating | Mindshare | Recommending | |
|---|---|---|---|---|
| Fortinet FortiGate | 4.2 | 6.7% | 92% | 592 interviewsAdd to research |
| Microsoft Intune | 4.1 | N/A | 95% | 378 interviewsAdd to research |
| Company Size | Count |
|---|---|
| Small Business | 8 |
| Midsize Enterprise | 2 |
| Large Enterprise | 5 |
| Company Size | Count |
|---|---|
| Small Business | 113 |
| Midsize Enterprise | 69 |
| Large Enterprise | 209 |
F5 BIG-IP APM serves enterprises by integrating multiple authentication protocols and supporting remote access via SSL VPN for secure application and network connections. Known for its strong performance and reliable scalability, APM allows custom policy management, facilitating load balancing and enhanced server management through virtual IP creation. It offers a secure bridge for users to connect to private networks while managing access through portals and enforcing compliance checks. Despite its efficient and user-friendly interface, APM has areas needing improvements such as updates for MacOS access, comprehensive reporting features, and simplifying the initial setup process. Better documentation and improved cloud integration are also areas for potential enhancement, alongside more efficient management and automation capabilities. Pricing and integration with other systems could be more competitive, and improvements in support response times would benefit users significantly.
What are the key features of F5 BIG-IP APM?In sectors like finance and healthcare, F5 BIG-IP APM ensures secure access management for sensitive data networks. Retailers utilize it to manage seasonal traffic efficiently with its load balancing and scalability, while educational institutions leverage its robust security and remote access features for faculty and students accessing campus networks remotely. These industries benefit from tailored policy management and comprehensive authentication integration to meet specific security and access needs.
F5 BIG-IP Access Policy Manager (APM) was previously known as F5 Access Policy Manager.
City Bank, Ricacorp Properties, Miele, American Systems, Bangladesh Post Office
| Author info | Rating | Review Summary |
|---|---|---|
| Senior Cyber Security Consultant at KoçSistem | 4.0 | I've used F5 BIG-IP APM for over 10 years; it's stable with strong WAF and bot defense, but the interface is slow and lacks Anycast. I prefer it on-prem, rating it 8 out of 10 overall. |
| Solutions Manager at Macroview Telecom Limited | 4.0 | I use F5 BIG-IP Access Policy Manager (APM) for SSL VPN and identity access management. It supports various authentication protocols, including legacy ones, but lacks direction for SaaS. I've worked with other solutions like Cisco and Palo Alto. |
| Business Development Manager at Pylones | 4.5 | I use F5 BIG-IP Access Policy Manager (APM) for secure system access, integrating with third-party authentication systems. It verifies device security with features like pre-logon checks. Improvement is needed for cloud integration, but overall, APM enhances security and reduces costs. |
| Senior Network Engineer at a financial services firm with 10,001+ employees | 4.5 | I use the F5 BIG-IP Access Policy Manager primarily for creating WAFs and configuring virtual servers. Its most valuable feature is virtual IP creation, ensuring seamless traffic management. The GUI could improve, but it remains scalable and cost-effective. |
| Professional Services Specialist at a security firm with 51-200 employees | 4.5 | I use F5 BIG-IP Access Policy Manager primarily for creating authentication-driven landing pages. Its valuable authentication features include SAML and SSO. However, improving object management and offering copy-pasting capabilities would enhance usability. I haven't used or compared it with competitors. |
| Associate Network Engineer at a computer software company with 11-50 employees | 4.0 | Based on client needs, we configure F5 BIG-IP APM for VPN and load balancing. The GUI is customizable and provides strong performance. However, integrating better documentation within the interface would improve usability. It's adaptable to various enterprise requirements. |
| IT Security Specialist at a educational organization with 201-500 employees | 4.0 | I use F5 BIG-IP Access Policy Manager for managing user access, VPNs, and protecting our college from cyberattacks. Despite its effectiveness, it is costly, and our CIO is considering a switch to the more affordable Citrix NetScaler WAF. |
| Sr. Architect at NBC Universal | 4.0 | I've used F5 BIG-IP APM for eight years, valuing its secure login and straightforward setup. It offers good ROI and scalability, though integration with other products needs improvement. Overall, I rate it an 8/10 and advise thorough research. |
| Deputy managing director at AL-ARAFAH ISLAMI BANK LTD | 3.5 | We find F5 BIG-IP Access Policy Manager valuable for its load balancing features, which support our web applications and integrate with our core banking system. Although we lack local knowledgeable support teams, the investment yielded a 100% return. |
| Senior Process Specialist at Telstra | 3.5 | I use F5 BIG-IP APM for private network access, finding it easy to use for 1.5 years. Its stability could be better, as it disconnects after inactivity, which I find frustrating. I rate it 7/10. |
I am using F5 BIG-IP Access Policy Manager (APM) along with Bot Management, API Gateway, API Security, and F5 Cloud.
I am using F5 Advanced WAF, but I switch between ZTNA solutions such as FortiSASE, Prisma Cloud, Palo Alto, and Cloudflare ZTNA.
My customers are using AWS, Cloudflare, and Azure.
This solution serves as a SASE component.
I am using Advanced Web Application Firewall (WAF).
F5 BIG-IP Access Policy Manager (APM) provides excellent WAF and bot defense solutions.
We are using on-premises or cloud solutions with the Big-IP platform.
The most valuable features in F5 BIG-IP Access Policy Manager (APM) are the policy manager and public web access controllers.
My customers are using the Single Sign-On feature with SAML, RADIUS, and multi-factor authentication.
F5 BIG-IP Access Policy Manager (APM) is not running Anycast; it operates on-premises or multicast, though Anycast capability is required.
F5 BIG-IP Access Policy Manager (APM) is not user-friendly and operates slowly.
Additional features for architecture such as Anycast would be beneficial.
The ability to run the Anycast feature would be valuable, as the current solution only operates on-premises.
The interface is slow, and the speed needs improvement.
I have been working with F5 BIG-IP Access Policy Manager (APM) for over 10 years.
The solution is stable overall.
I replaced F5 BIG-IP Access Policy Manager (APM) with other vendors.
The replacement was necessary because other vendors provide SASE solutions, while F5 BIG-IP Access Policy Manager (APM) is limited to APM functionality.
For cases where F5 BIG-IP Access Policy Manager (APM) doesn't fit the budget, I would recommend a new interface that is very user-friendly and faster, along with functionality such as public host, private host authentication, IPsec, and access control broker.
I am familiar with F5 BIG-IP Access Policy Manager (APM) and its capabilities.
I consider Cloudflare when evaluating centralized access control features; Cloudflare utilizes multi-factor authentication and full API support, while F5 BIG-IP Access Policy Manager (APM) needs to enhance its API support.
I recommend F5 BIG-IP Access Policy Manager (APM) for large companies such as Tüpraş and Ford. Tüpraş is one of the biggest companies in Turkey, along with other customers such as Tofaş, Euroko, Koç Holding, and more.
For on-premises deployment, I would rate it a 10. For cloud deployment, I would rate it a seven.
I primarily use it on-premises.
I rate F5 BIG-IP Access Policy Manager (APM) eight out of ten.
Positive
Positive
We primarily use it to create WAFs and wide IP (virtual server) configurations. Additionally, we leverage Global Server Load Balancing (GSLB) when we need to define access policies or create web application firewalls (WAFs). In those scenarios, F5 is our go-to solution.
Let's say we have servers in the DMZ or back-end that shouldn't communicate directly with the outside world or receive unwanted traffic. F5 comes in with virtual IPs to act as a middleman. Daily traffic gets routed according to our policies, like round robin. With four servers, F5 sends queries one by one to each, checking if they're healthy and ready to serve clients. That's a typical use case.
Additionally, if we need to inspect or modify packets (e.g., for SSL decryption), we can install tools on F5 to handle that offloading and send the traffic onward transparently to the back-end. These are some of the key features I use regularly.
And if we need to modify packets on the fly, like the certificates within the traffic, we can install them on the F5, perform traffic manipulation and offloading, and then send the traffic decrypted or encrypted to the backend in plain text. These are all capabilities we're quite familiar with.
If we need to patch servers before they go into production. This is where the F5's protection side, specifically certificate management, comes in handy.
We can use the F5 to send traffic and analyze if the patched servers are functioning correctly before they're exposed to production users.
The most valuable feature is the virtual IP creation. It's our most frequently used feature. It allows us to take a server out of the pool if it's acting strangely on the backend without impacting client traffic. The client remains connected to the virtual IP, and the F5 automatically routes them to a healthy server.
In my opinion, the GUI side needs some improvement based on my usage. Sometimes, it doesn't work as efficiently as the CLI side.
Feature-wise, sometimes when I log in to the GUI and want to see the pool members, and I click on that, it sometimes goes and shows me some traffic details for that specific node, inside, outside, page traffic, everything. But when I click the back arrow to go back, it takes me to a different page, not the page I was on before.
So those are some of the things I think could be improved upon.
I have been using it for several years. While I've been using it less in the last few months due to workload, overall, I've been using it for about five years or more.
It is a stable solution. I would rate the stability a ten out of ten.
From my perspective, the work I do benefits from good visibility before anything goes to production. We can generate traffic with F5's load generators to see how it behaves, exposing any packet errors and other issues. This is valuable for me, as it allows for troubleshooting without involving server personnel.
Additionally, we can capture traffic directly on the F5, analyzing it using F5's traffic analytics feature. This independence from network engineers is good, eliminating the need to constantly ask them to check server issues. In essence, using F5 allows us to verify its health and traffic handling independently. Overall, this has been very helpful.
Overall, I would rate the scalability a nine out of ten.
My experience with customer service and support has been good.
Positive
I did use a different solution.
However, we opted for F5 because it's a really scalable solution. It's easy to deploy and a stable solution. Moreover, it offers good support.
The initial setup was straightforward.
It's definitely good to have it. It definitely saves time and money.
It's a really scalable solution, stable solution, one of the best products in the market in that segment, widely used as well as a lot of good support documentation online and call support available.
Overall, I would rate the solution a nine out of ten.
If I want my login page to define it, I can create new landing pages with authentication and use all of its features.
A lot of features are useful to me, including mostly the authentication, SAML, or SSO, with no sign-on. All of its features are valuable.
Sometimes, if I erase or add a new agent in the policy, I can't go backwards, even if I haven't saved the access policy. I want the option to delete it, however, there's no option. I need to create the object from the beginning. If I could copy and paste objects instead of picking and configuring them from scratch each time, it would be great.
I have been using it for about three years now.
Sometimes, the logs are not quite informational or easy to understand. That said, they are okay.
When I talk about the people who answer the phone, I would give them a rating of ten, as they are very good.
However, for the agents who help solve the issues, in the past year, year and a half, even two years, sometimes it takes a long time for them to respond. Even if they respond, they don't update me with the process or what's going on. If there is a solution, they don't always communicate it.
I have had a lot of issues in the past few months with the agents, which was disappointing.
Positive
I haven't worked with competitors. I know who they are, yet I don't have any opinions about them.
I don't use BIG-IP. Most of our customers don't use BigIQ anymore. I know very few use Volterra, however, I don't work with it.
The initial setup is pretty simple.
Once I understand it, it's okay. Learning it was challenging for me, however, once understood, it's okay.
I rate the overall solution nine out of ten.
The use case depends entirely on the client's specific requirements. We configure the APM accordingly. For instance, in some scenarios, we've used F5 for VPN purposes. In others, we've deployed F5 BIG-IP primarily as a load balancer.
The choice depends on the enterprise's needs. They might want application load balancing, network traffic load balancing, or something else entirely. It's often used for VPN-like functionality.
Our clients use F5 BIG-IP Access Policy Manager (APM) for remote access control. They log in on an agent for authentication. The same configuration will be on the load balancer server.
It is easy to integrate within the environment.
In my opinion, the GUI is perfect with the configuration options provided. F5 BIG-IP has given customization options and policy configuration tools in the GUI. It's good and good enough to work.
We can do customization within APM. It works fine. For customization, I'd rate it an eight out of ten.
It also offers strong performance. I would rate its performance an eight out of ten.
I'd suggest improved documentation integration directly within the GUI. Right now, finding comprehensive documentation often requires going to external websites like the community portal.
In the APM interface itself, they could add direct hyperlinks to relevant online documentation. This would provide easy access to admin guides and other resources when working within the GUI.
I have been working with this product for one and a half years now.
Primarily, we work with F5 LTM (Local Traffic Manager) and APM (Access Policy Manager).
It is a stable product. We hardly heard about any vulnerability in the context of this solution from our client.
I'd rate F5 APM's scalability an eight out of ten. It is neither too hard nor too easy to scale.
It is suitable for enterprise-level businesses.
We have to raise a support ticket to get support. But I haven't reached out to the support yet.
Positive
It varies depending on the client's specific needs. We configure APM for a range of use cases. Some clients integrate it with identity management systems like IBM. We've used it with older F5 versions and the newer premium offerings. It's highly adaptable to what the enterprise wants to achieve with load balancing and traffic management.
The setup process is flexible. You can deploy F5 APM on virtual machines, hardware appliances, or in the cloud.
I can't recommend F5 BIG-IP Access Policy Manager (APM) as a one-size-fits-all solution. It has several functions, so the best fit depends on the specific need.
However, a major benefit is the ability to use a single license for multiple technologies – VPN, load balancing, etc. This can be a significant advantage.
Overall, I would rate the solution an eight out of ten. In my opinion, it is the best solution.
I use the tool to manage user access. We're connected to Active Directory and previously used SAML, but now mainly use Citrix. I use F5 BIG-IP Access Policy Manager for VPN access for the IT group, with two-factor authentication using Google Authenticator.
Our organization is small - a college with about 3,500 students. We use F5 BIG-IP Access Policy Manager to protect our site, especially from the Iranian attacks we faced last year. We restrict access to only inside the country.
Regarding price, I'm not directly involved in purchasing, but our CIO thinks the product is very expensive. He's considering moving from the tool to Citrix NetScaler WAF because it's cheaper, and we already have Citrix for VDI. We got NetScaler almost free as part of our VDI deal. Three years ago, I convinced him to use the solution because it's better, but now, with budget constraints, he may want to switch.
I have been using the product for nine years.
I rate the tool's pricing an eight out of ten.
I love the product. Technically, it's one of the best, but not the best. I like it. It's very easy for me to control. There are a few things that seem a bit problematic. First is the two-factor authentication. If I want to use BIG-IP Access Policy Manager instead of NetScaler, it's not as good for ease of use and working with multifactor. With NetScaler, we can add the authenticator code directly to the Active Directory. In F5 BIG-IP Access Policy Manager, you can't do this. You need to use an iRule or an external management system, which I don't like. This is a real drawback for everyone using F5 BIG-IP Access Policy Manager. Regarding the WAF, it's the best.
The primary use cases of F5 BIG-IP Access Policy Manager are straightforward for what we wanted to do.
F5 BIG-IP Access Policy Manager has improved our organization by giving us a secure connection for certain types of traffic flows.
The F5 BIG-IP Access Policy Manager feature I find the most valuable is the login.
F5 BIG-IP Access Policy Manager has room for improvement in integration with other products.
I have been using F5 BIG-IP Access Policy Manager for eight years.
F5 BIG-IP Access Policy Manager is scalable. We have somewhere between six and seven hundred people using it daily. Their roles vary. Some are writers, while others are administrators. It all depends on how we deploy it and who's going to use it.
The staff required to deploy and maintain F5 BIG-IP Access Policy Manager is minimal.
We do potentially have plans to increase usage of the solution. I'm currently investigating other projects that could benefit from it.
F5 BIG-IP Access Policy Manager's technical support is great.
Positive
F5 BIG-IP Access Policy Manager does the same thing as a firewall would do, so I have used a range of different solutions like it.
The initial setup was straightforward. How long deployment takes depends on the project. It roughly takes about three months for us to hash out everything.
We deployed F5 BIG-IP Access Policy Manager in-house.
We have seen a return on investment from F5 BIG-IP Access Policy Manager. It provided access at a time when we didn't have it.
I would prefer not to disclose numbers, but on a scale of one to five, I would give F5 BIG-IP Access Policy Manager a four for cost.
We did not evaluate other options because F5 BIG-IP Access Policy Manager was integrated with the previous product we were using.
The advice I would give to others looking to implement F5 BIG-IP Access Policy Manager is this: do your homework on it to make sure it's going to definitely fit your use case.
On a scale of one to 10, I would give F5 BIG-IP Access Policy Manager an eight overall.
The load balancing features are valuable. We use a lot of web applications. The solution helps us to integrate with our core banking system. We are happy with the configurations and interface.
Most support teams are from other countries. We do not have knowledgeable support teams locally.
I have been using the solution for almost two years.
I rate the tool’s stability an eight out of ten.
I rate the tool’s scalability a nine out of ten.
I rate the ease of setup an eight out of ten. We have more than 100 engineers. Our technical team is strong.
A third-party vendor deployed the product for us.
We see a 100% return on investment in the product.
The tool is a little bit expensive. I rate the pricing a six out of ten.
We have moved to microservices. Overall, I rate the product a seven out of ten.
I use F5 BIG-IP APM to connect to my company's private network and access the tools that I need.
F5 BIG-IP APM is relatively easy to use.
F5 BIG-IP APM disconnects when you leave it for long enough, but that is natural for IT solutions to do. That's a little bit frustrating.
I have been using F5 BIG-IP Access Policy Manager (APM) for approximately a year and a half.
The stability of the F5 BIG-IP APM could be better.
F5 BIG-IP APM is used within our company and we have approximately 17,000 employees.
I have contacted the support of F5 BIG-IP APM for the initial setup only.
I rate F5 BIG-IP APM a seven out of ten.
