Solved

Checklist for ensuring a SaaS web application works if the user is behind a Firewall/Proxy

Posted on 2015-02-16
4
109 Views
Last Modified: 2015-02-17
Heyas,

I am writing a document to help users of our product access our web application if they are going through firewall/proxy and they don't have any IT resources to help them resolve why they have accessibility issues, which does occasionally occur.

So far I have the following points:

Exclude domain from proxy direct/transparent
Exclude domain from HTTPS inspection
Exclude domain from DNS caching
Exclude domain any authentication whitelists
Disable Addons in Browser
Try using Firefox/Chrome if you are using IE


Any assistance is welcome.

Thank you.
0
Comment
Question by:Zack
  • 2
4 Comments
 
LVL 79

Expert Comment

by:David Johnson, CD, MVP
ID: 40614550
Exclude domain from proxy direct/transparent
Exclude domain from HTTPS inspection
Exclude domain from DNS caching
Exclude domain any authentication whitelists


You really believe that the users have a clue as to what the above are and if they are not administrators they can't change it anyhow.

My question is why should any of the above have an impact on your web app?
0
 
LVL 62

Accepted Solution

by:
btan earned 500 total points
ID: 40615570
Hopefully users are tech savvy, but if covering the mass, they definitely will need some screen capture as guidance to aid the understanding. you will also have to differentiate the different user category as those in Enterprise will likely have lockdown station (not their personal PC or smartphone) and cannot do much while the consumers end has more free play to do the check, in each point, it is good to highlight the difficulty of configuring and even possibility to have it done based on their profile.

however, do we really want the user to go through without the necessary check in place to access your SaaS, it seems a lot of work and risk exposure. I rather we go whitelisting where have certain domain or URL excluded or as exception instead of bulk "disable". Be restrictive yet targeted as per demand and need basis. We do not want to advise unnecessary bypass inadvertently using the guide. May consider

- Application whitelisting based on client apps and accessible URL to include in the bypass.
- Review those rules in the PC firewall, and the gateway cum firewall rules (for enterprise).
- Check type of "services" check on your Saas requirement e.g. just HTTP? or HTTPS? (required root certificate to avoid the warning prompt?) or need for tunnel? (as in, going through some vpn as users are in certain country not "freely" allow to access web)
- Need to retry login due to network lapses such as latency, no response, outage, maintenance cycle in progress, any other symptom
0
 

Author Comment

by:Zack
ID: 40615658
Hi David,

In response to your statement: You really believe that the users have a clue as to what the above are and if they are not administrators they can't change it anyhow.

No, I don't but hopefully they will forward these questions on to their system admin. System admin from schools never talk to lowly application support staff (politics).  

My question is why should any of the above have an impact on your web app?

From an accessibility standpoint it has a significant impact depending on the network setup I deal with these issues daily.
0
 

Author Closing Comment

by:Zack
ID: 40615660
Thank you very much the suggestions, you're I right I should 'Be restrictive yet targeted as per demand and need basis'.  I will modify the checklist accordingly.

Cheers
0

Featured Post

Backup Your Microsoft Windows Server®

Backup all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Protectings Systems from Malicous Users 4 122
Edit a page at wix.com 8 49
Cannot Change Local DNS 9 43
VBS to download an image from our website 4 15
I'm a big fan of Windows' offline folder caching and have used it on my laptops for over a decade.  One thing I don't like about it, however, is how difficult Microsoft has made it for the cache to be moved out of the Windows folder.  Here's how to …
An article on effective troubleshooting
This video teaches viewers how to create their own website using cPanel and Wordpress. Tutorial walks users through how to set up their own domain name from tools like Domain Registrar, Hosting Account, and Wordpress. More specifically, the order in…
Wufoo.com provides powerful tools for surveying targeted groups, and utilizing data from completed surveys to find trends, discover areas of demand or customer expectation, and make business decisions on products or services.

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question