Solved

ASA SSL VPN

Posted on 2013-06-30
8
309 Views
Last Modified: 2013-07-22
We are planning to publish our application URL so that users access this URL from any where.
The access will be through https.
Would like to check if ASA is the best option or is there any other solution which can address this requirement.

Also let me know what type of authentication does Cisco ASA provides for this kind of access.
What are the requirements required for this deployment in Cisco ASA.
0
Comment
Question by:SrikantRajeev
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39288986
Any help
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39289639
Any help
0
 
LVL 20

Assisted Solution

by:rauenpc
rauenpc earned 500 total points
ID: 39290048
I'm unsure what you mean by "publishing our application url". Do you mean that you have a web server that you'd like to allow users on the internet to access? Do you want them to access the application directly, or were you thinking to use the ASA as a proxy by using clientless SSL VPN? I'm just trying to get a hold of the situation.
0
Put Machine Learning to Work--Protect Your Clients

Machine learning means Smarter Cybersecurity™ Solutions.
As technology continues to advance, managing and analyzing massive data sets just can’t be accomplished by humans alone. It requires huge amounts of memory and storage, as well as high-speed processing of the cloud.

 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39292099
thanks
I am planning to use ASA as a proxy by using Clientless SSL VPN.
Yes there is a application behind the firewall which is accessed through https by which we would like to users to access it through internet.
0
 
LVL 20

Assisted Solution

by:rauenpc
rauenpc earned 500 total points
ID: 39292104
The asa should be able to handle this without much issue. However.... depending on how the application is secured you may want to consider single sign on. The users will need to first log in to the anyconnect portal, and then when they access the application their credentials dont automatically pass through by default so users will have to essentially sign in twice. Also don't forget to make sure you have the correct licensing. I believe client less is considered anyconnect premium.
0
 
LVL 1

Author Comment

by:SrikantRajeev
ID: 39292144
thanks & few clarification.
Does this mean if the user starts to access the application the 1st page which gets displayed will be the ASA Any connect portal ? - Let me know if my understanding is right.
Will this authentication will be on the local ASA server ?
Once the user is authenticated then the 2nd level of authentication will be Application authentication ? - Let me know if my understanding is right.

Also let me know if any client or any software it requires to be installed in the client PC/Laptop.
0
 
LVL 20

Accepted Solution

by:
rauenpc earned 500 total points
ID: 39292165
You would have two levels of authentication if the application needed authentication. No client would need to be installed, but java might need to be installed.

Alternately, you may want to look at cut through proxy. Google searching will give you an idea what that's all about.
0
 
LVL 1

Author Closing Comment

by:SrikantRajeev
ID: 39346903
Thanks
0

Featured Post

Do you have a plan for Continuity?

It's inevitable. People leave organizations creating a gap in your service. That's where Percona comes in.

See how Pepper.com relies on Percona to:
-Manage their database
-Guarantee data safety and protection
-Provide database expertise that is available for any situation

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

David Varnum recently wrote up his impressions of PRTG, based on a presentation by my colleague Christian at Tech Field Day at VMworld in Barcelona. Thanks David, for your detailed and honest evaluation!
In this blog we highlight approaches to managed security as a service.  We also look into ConnectWise’s value in aiding MSPs’ security management and indicate why critical alerting is a necessary integration.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…

724 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question