Solved

Checklist for ensuring a SaaS web application works if the user is behind a Firewall/Proxy

Posted on 2015-02-16
4
116 Views
Last Modified: 2015-02-17
Heyas,

I am writing a document to help users of our product access our web application if they are going through firewall/proxy and they don't have any IT resources to help them resolve why they have accessibility issues, which does occasionally occur.

So far I have the following points:

Exclude domain from proxy direct/transparent
Exclude domain from HTTPS inspection
Exclude domain from DNS caching
Exclude domain any authentication whitelists
Disable Addons in Browser
Try using Firefox/Chrome if you are using IE


Any assistance is welcome.

Thank you.
0
Comment
Question by:Zack
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 81

Expert Comment

by:David Johnson, CD, MVP
ID: 40614550
Exclude domain from proxy direct/transparent
Exclude domain from HTTPS inspection
Exclude domain from DNS caching
Exclude domain any authentication whitelists


You really believe that the users have a clue as to what the above are and if they are not administrators they can't change it anyhow.

My question is why should any of the above have an impact on your web app?
0
 
LVL 64

Accepted Solution

by:
btan earned 500 total points
ID: 40615570
Hopefully users are tech savvy, but if covering the mass, they definitely will need some screen capture as guidance to aid the understanding. you will also have to differentiate the different user category as those in Enterprise will likely have lockdown station (not their personal PC or smartphone) and cannot do much while the consumers end has more free play to do the check, in each point, it is good to highlight the difficulty of configuring and even possibility to have it done based on their profile.

however, do we really want the user to go through without the necessary check in place to access your SaaS, it seems a lot of work and risk exposure. I rather we go whitelisting where have certain domain or URL excluded or as exception instead of bulk "disable". Be restrictive yet targeted as per demand and need basis. We do not want to advise unnecessary bypass inadvertently using the guide. May consider

- Application whitelisting based on client apps and accessible URL to include in the bypass.
- Review those rules in the PC firewall, and the gateway cum firewall rules (for enterprise).
- Check type of "services" check on your Saas requirement e.g. just HTTP? or HTTPS? (required root certificate to avoid the warning prompt?) or need for tunnel? (as in, going through some vpn as users are in certain country not "freely" allow to access web)
- Need to retry login due to network lapses such as latency, no response, outage, maintenance cycle in progress, any other symptom
0
 

Author Comment

by:Zack
ID: 40615658
Hi David,

In response to your statement: You really believe that the users have a clue as to what the above are and if they are not administrators they can't change it anyhow.

No, I don't but hopefully they will forward these questions on to their system admin. System admin from schools never talk to lowly application support staff (politics).  

My question is why should any of the above have an impact on your web app?

From an accessibility standpoint it has a significant impact depending on the network setup I deal with these issues daily.
0
 

Author Closing Comment

by:Zack
ID: 40615660
Thank you very much the suggestions, you're I right I should 'Be restrictive yet targeted as per demand and need basis'.  I will modify the checklist accordingly.

Cheers
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
Examines three attack vectors, specifically, the different types of malware used in malicious attacks, web application attacks, and finally, network based attacks.  Concludes by examining the means of securing and protecting critical systems and inf…
Use Wufoo, an online form creation tool, to make powerful forms. Learn how to choose which pages of your form are visible to your users based on their inputs. The page rules feature provides you with an opportunity to create if:then statements for y…
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question