[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 124
  • Last Modified:

Checklist for ensuring a SaaS web application works if the user is behind a Firewall/Proxy

Heyas,

I am writing a document to help users of our product access our web application if they are going through firewall/proxy and they don't have any IT resources to help them resolve why they have accessibility issues, which does occasionally occur.

So far I have the following points:

Exclude domain from proxy direct/transparent
Exclude domain from HTTPS inspection
Exclude domain from DNS caching
Exclude domain any authentication whitelists
Disable Addons in Browser
Try using Firefox/Chrome if you are using IE


Any assistance is welcome.

Thank you.
0
Zack
Asked:
Zack
  • 2
1 Solution
 
David Johnson, CD, MVPOwnerCommented:
Exclude domain from proxy direct/transparent
Exclude domain from HTTPS inspection
Exclude domain from DNS caching
Exclude domain any authentication whitelists


You really believe that the users have a clue as to what the above are and if they are not administrators they can't change it anyhow.

My question is why should any of the above have an impact on your web app?
0
 
btanExec ConsultantCommented:
Hopefully users are tech savvy, but if covering the mass, they definitely will need some screen capture as guidance to aid the understanding. you will also have to differentiate the different user category as those in Enterprise will likely have lockdown station (not their personal PC or smartphone) and cannot do much while the consumers end has more free play to do the check, in each point, it is good to highlight the difficulty of configuring and even possibility to have it done based on their profile.

however, do we really want the user to go through without the necessary check in place to access your SaaS, it seems a lot of work and risk exposure. I rather we go whitelisting where have certain domain or URL excluded or as exception instead of bulk "disable". Be restrictive yet targeted as per demand and need basis. We do not want to advise unnecessary bypass inadvertently using the guide. May consider

- Application whitelisting based on client apps and accessible URL to include in the bypass.
- Review those rules in the PC firewall, and the gateway cum firewall rules (for enterprise).
- Check type of "services" check on your Saas requirement e.g. just HTTP? or HTTPS? (required root certificate to avoid the warning prompt?) or need for tunnel? (as in, going through some vpn as users are in certain country not "freely" allow to access web)
- Need to retry login due to network lapses such as latency, no response, outage, maintenance cycle in progress, any other symptom
0
 
ZackGeneral IT Goto GuyAuthor Commented:
Hi David,

In response to your statement: You really believe that the users have a clue as to what the above are and if they are not administrators they can't change it anyhow.

No, I don't but hopefully they will forward these questions on to their system admin. System admin from schools never talk to lowly application support staff (politics).  

My question is why should any of the above have an impact on your web app?

From an accessibility standpoint it has a significant impact depending on the network setup I deal with these issues daily.
0
 
ZackGeneral IT Goto GuyAuthor Commented:
Thank you very much the suggestions, you're I right I should 'Be restrictive yet targeted as per demand and need basis'.  I will modify the checklist accordingly.

Cheers
0

Featured Post

Become a Leader in Data Analytics

Gain the power to turn raw data into better business decisions and outcomes in your industry. Transform your career future by earning your MS in Data Analytics. WGU’s MSDA program curriculum features IT certifications from Oracle and SAS.  

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now