?
Solved

Checklist for ensuring a SaaS web application works if the user is behind a Firewall/Proxy

Posted on 2015-02-16
4
Medium Priority
?
118 Views
Last Modified: 2015-02-17
Heyas,

I am writing a document to help users of our product access our web application if they are going through firewall/proxy and they don't have any IT resources to help them resolve why they have accessibility issues, which does occasionally occur.

So far I have the following points:

Exclude domain from proxy direct/transparent
Exclude domain from HTTPS inspection
Exclude domain from DNS caching
Exclude domain any authentication whitelists
Disable Addons in Browser
Try using Firefox/Chrome if you are using IE


Any assistance is welcome.

Thank you.
0
Comment
Question by:Zack
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 82

Expert Comment

by:David Johnson, CD, MVP
ID: 40614550
Exclude domain from proxy direct/transparent
Exclude domain from HTTPS inspection
Exclude domain from DNS caching
Exclude domain any authentication whitelists


You really believe that the users have a clue as to what the above are and if they are not administrators they can't change it anyhow.

My question is why should any of the above have an impact on your web app?
0
 
LVL 64

Accepted Solution

by:
btan earned 2000 total points
ID: 40615570
Hopefully users are tech savvy, but if covering the mass, they definitely will need some screen capture as guidance to aid the understanding. you will also have to differentiate the different user category as those in Enterprise will likely have lockdown station (not their personal PC or smartphone) and cannot do much while the consumers end has more free play to do the check, in each point, it is good to highlight the difficulty of configuring and even possibility to have it done based on their profile.

however, do we really want the user to go through without the necessary check in place to access your SaaS, it seems a lot of work and risk exposure. I rather we go whitelisting where have certain domain or URL excluded or as exception instead of bulk "disable". Be restrictive yet targeted as per demand and need basis. We do not want to advise unnecessary bypass inadvertently using the guide. May consider

- Application whitelisting based on client apps and accessible URL to include in the bypass.
- Review those rules in the PC firewall, and the gateway cum firewall rules (for enterprise).
- Check type of "services" check on your Saas requirement e.g. just HTTP? or HTTPS? (required root certificate to avoid the warning prompt?) or need for tunnel? (as in, going through some vpn as users are in certain country not "freely" allow to access web)
- Need to retry login due to network lapses such as latency, no response, outage, maintenance cycle in progress, any other symptom
0
 

Author Comment

by:Zack
ID: 40615658
Hi David,

In response to your statement: You really believe that the users have a clue as to what the above are and if they are not administrators they can't change it anyhow.

No, I don't but hopefully they will forward these questions on to their system admin. System admin from schools never talk to lowly application support staff (politics).  

My question is why should any of the above have an impact on your web app?

From an accessibility standpoint it has a significant impact depending on the network setup I deal with these issues daily.
0
 

Author Closing Comment

by:Zack
ID: 40615660
Thank you very much the suggestions, you're I right I should 'Be restrictive yet targeted as per demand and need basis'.  I will modify the checklist accordingly.

Cheers
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Did you know SD-WANs can improve network connectivity? Check out this webinar to learn how an SD-WAN simplified, one-click tool can help you migrate and manage data in the cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

An article on effective troubleshooting
Compliance and data security require steps be taken to prevent unauthorized users from copying data.  Here's one method to prevent data theft via USB drives (and writable optical media).
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to choose which pages of your form are visible to your users based on their inputs. The page rules feature provides you with an opportunity to create if:then statements for y…
Learn how to set-up PayPal payment integration in your Wufoo form. Allow your users to remit payment through PayPal upon completion of your online form. This is helpful for collecting membership payments, customer payments, donations, and more.
Suggested Courses

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question