Solved

Checklist for ensuring a SaaS web application works if the user is behind a Firewall/Proxy

Posted on 2015-02-16
Last Modified: 2015-02-17
Heyas,

I am writing a document to help users of our product access our web application if they are going through a firewall/proxy and they don't have any IT resources to help them resolve why they have accessibility issues, which do occasionally occur.

So far I have the following points:

Exclude domain from proxy direct/transparent
Exclude domain from HTTPS inspection
Exclude domain from DNS caching
Exclude domain any authentication whitelists
Disable Addons in Browser
Try using Firefox/Chrome if you are using IE


Any assistance is welcome.

Thank you.
Question by:Zack

Expert Comment

by:David Johnson, CD, MVP
ID: 40614550
Exclude domain from proxy direct/transparent
Exclude domain from HTTPS inspection
Exclude domain from DNS caching
Exclude domain any authentication whitelists


You really believe that the users have a clue as to what the above are and if they are not administrators they can't change it anyhow.

My question is why should any of the above have an impact on your web app?

Accepted Solution

by:btan (earned 500 total points)
ID: 40615570
Hopefully users are tech savvy, but if covering the masses, they will definitely need some screen captures as guidance to aid understanding. You will also have to differentiate the user categories, as those in an enterprise will likely have locked-down stations (not their personal PC or smartphone) and cannot do much, while consumers have more free play to do the checks. For each point, it is good to highlight the difficulty of configuring it, and even whether it can be done at all, based on their profile.

However, do we really want the user to go through without the necessary checks in place to access your SaaS? It seems a lot of work and risk exposure. I would rather we go with whitelisting, where certain domains or URLs are excluded or treated as exceptions, instead of a bulk "disable". Be restrictive yet targeted as per demand and need basis. We do not want to inadvertently advise unnecessary bypass through the guide. May consider:

- Application whitelisting based on client apps and the accessible URLs to include in the bypass.
- Review the rules in the PC firewall, and the gateway cum firewall rules (for enterprise).
- Check the type of "services" your SaaS requires, e.g. just HTTP? Or HTTPS (is a root certificate required to avoid the warning prompt)? Or a need for a tunnel (as in, going through some VPN because users are in a country where they are not "freely" allowed to access the web)?
- The need to retry login due to network lapses such as latency, no response, outage, a maintenance cycle in progress, or any other symptom.

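The targeted approach in the accepted answer can be supported by a small diagnostic that tells the user which single, domain-scoped exception to request instead of a bulk "disable". This is an added example, not code from the thread or from any product; the issuer names, the sample observation and the function names are assumptions for illustration.

```python
import socket
import ssl
import urllib.request

def probe(host, port=443, timeout=5.0):
    """Collect observations from the user's network (makes live connections)."""
    obs = {"proxy": urllib.request.getproxies().get("https"),
           "dns": False, "tcp": False, "tls": None, "issuer_org": None}
    try:
        socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
        obs["dns"] = True
        with socket.create_connection((host, port), timeout=timeout) as raw:
            obs["tcp"] = True
            # Default context: chain and hostname verification stay enabled.
            ctx = ssl.create_default_context()
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                issuer = dict(rdn[0] for rdn in tls.getpeercert()["issuer"])
                obs["tls"], obs["issuer_org"] = "ok", issuer.get("organizationName")
    except ssl.SSLCertVerificationError:
        obs["tls"] = "untrusted"
    except OSError:
        pass  # the flags set so far record how far the connection got
    return obs

def diagnose(obs, expected_issuer_org):
    """Map observations to one domain-scoped request for the network admin."""
    if not obs["dns"]:
        return "dns", "Name does not resolve: check DNS filtering/caching for this domain."
    if not obs["tcp"]:
        if obs["proxy"]:
            return "proxy", "Direct 443 fails and a proxy is set: allow this domain on the proxy."
        return "firewall", "Outbound TCP 443 is blocked: add an allow rule for this domain only."
    if obs["tls"] == "untrusted":
        return "inspection_untrusted", "Certificate does not chain to a trusted root: likely inspection without its root installed."
    if obs["tls"] != "ok":
        return "tls_failed", "TLS handshake broke after connect: check protocol filtering on the gateway."
    if obs["issuer_org"] != expected_issuer_org:
        return "inspection", "Certificate re-signed by %r: request an HTTPS-inspection exemption for this domain only." % obs["issuer_org"]
    return "clean", "Network path is clean: move on to browser checks (add-ons, another browser)."

# Constructed observation: a gateway re-signing traffic with its own trusted CA.
SAMPLE = {"proxy": None, "dns": True, "tcp": True, "tls": "ok",
          "issuer_org": "Example School Gateway CA"}

if __name__ == "__main__":
    # "Example Public CA" is a placeholder for the issuer the vendor would publish.
    print(diagnose(SAMPLE, "Example Public CA"))
```

The expected issuer has to be updated whenever the vendor changes certificate authority, otherwise a clean path is reported as inspected.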
Author Comment

by:Zack
ID: 40615658
Hi David,

In response to your statement: You really believe that the users have a clue as to what the above are and if they are not administrators they can't change it anyhow.

No, I don't, but hopefully they will forward these questions on to their system admin. System admins from schools never talk to lowly application support staff (politics).

My question is why should any of the above have an impact on your web app?

From an accessibility standpoint it has a significant impact, depending on the network setup. I deal with these issues daily.

Author Closing Comment

by:Zack
ID: 40615660
Thank you very much for the suggestions, you're right, I should 'Be restrictive yet targeted as per demand and need basis'. I will modify the checklist accordingly.

Cheers
Question has a verified solution.