Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

ASA SSL VPN

Posted on 2013-06-30
8
Medium Priority
?
316 Views
Last Modified: 2013-07-22
We are planning to publish our application URL so that users access this URL from any where.
The access will be through https.
Would like to check if ASA is the best option or is there any other solution which can address this requirement.

Also let me know what type of authentication does Cisco ASA provides for this kind of access.
What are the requirements required for this deployment in Cisco ASA.
0
Comment
Question by:SrikantRajeev
  • 5
  • 3
8 Comments
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39288986
Any help
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39289639
Any help
0
 
LVL 20

Assisted Solution

by:rauenpc
rauenpc earned 2000 total points
ID: 39290048
I'm unsure what you mean by "publishing our application url". Do you mean that you have a web server that you'd like to allow users on the internet to access? Do you want them to access the application directly, or were you thinking to use the ASA as a proxy by using clientless SSL VPN? I'm just trying to get a hold of the situation.
0
Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39292099
thanks
I am planning to use ASA as a proxy by using Clientless SSL VPN.
Yes there is a application behind the firewall which is accessed through https by which we would like to users to access it through internet.
0
 
LVL 20

Assisted Solution

by:rauenpc
rauenpc earned 2000 total points
ID: 39292104
The asa should be able to handle this without much issue. However.... depending on how the application is secured you may want to consider single sign on. The users will need to first log in to the anyconnect portal, and then when they access the application their credentials dont automatically pass through by default so users will have to essentially sign in twice. Also don't forget to make sure you have the correct licensing. I believe client less is considered anyconnect premium.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39292144
thanks & few clarification.
Does this mean if the user starts to access the application the 1st page which gets displayed will be the ASA Any connect portal ? - Let me know if my understanding is right.
Will this authentication will be on the local ASA server ?
Once the user is authenticated then the 2nd level of authentication will be Application authentication ? - Let me know if my understanding is right.

Also let me know if any client or any software it requires to be installed in the client PC/Laptop.
0
 
LVL 20

Accepted Solution

by:
rauenpc earned 2000 total points
ID: 39292165
You would have two levels of authentication if the application needed authentication. No client would need to be installed, but java might need to be installed.

Alternately, you may want to look at cut through proxy. Google searching will give you an idea what that's all about.
0
 
LVL 1

Author Closing Comment

by:SrikantRajeev
ID: 39346903
Thanks
0

Featured Post

The Growing Need for Data Analysts

As the amount of data rapidly increases in our world, so does the need for qualified data analysts. WGU's MS in Data Analytics and maximize your leadership opportunities as a data engineer, business analyst, information research scientist, and more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
We’ve all felt that sense of false security before—locking down external access to a database or component and feeling like we’ve done all we need to do to secure company data. But that feeling is fleeting. Attacks these days can happen in many w…
Suggested Courses

580 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question