• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 300
  • Last Modified:

TMG to IBM Security Access manager for Web reverse proxy migration

Hi I’m hoping someone can help me with the below.

We are currently running IBM Security Access manager for Web 8.0.1.0 as a reverse proxy which is supposed to be a replacement for our Microsoft TMG proxy. We have never used this product before so apologies if this is a very basic question.

Currently we have multiple “short” domains URL which we use for our mobile users. The short URL are then redirected by the current TMG proxy to the real log URL e.g. my.xyz.com redirects to my.longdomainname.com/xyz/portal

On TMG we achieved this by creating a deny rule and it redirected the shot URL to the long URL, can someone let me know how to achieve this through ISAM?

Thanks
0
TazzEE
Asked:
TazzEE
  • 4
  • 3
  • 3
  • +1
1 Solution
 
gheistCommented:
Popular name for facility you look for is called Permalink.
0
 
TazzEEAuthor Commented:
Hi Gheist

Thanks for your response but how would you implement this in  IBM Security Access manager for Web (ISAM)?

thanks
0
 
bbaoIT ConsultantCommented:
a bit interested in why TMG is to be replaced by a ISAM?
0
On-Demand: Securing Your Wi-Fi for Summer Travel

Traveling this summer?Check out our on-demand webinar to learn about the importance of Wi-Fi security and 3 easy measures you can start taking immediately to protect your private data while using public Wi-Fi. Follow us today to learn more!

 
gheistCommented:
You can implement permalinks (aka redirects) on websphere (or more accurately in webapp)
0
 
TazzEEAuthor Commented:
thanks for your reply's

@bbao
Microsoft has discontinued TMG and as we were only using it as a reverse proxy we decided to go for ISAM

@Gheist
an I correct in thinking you would do this through the HTTP Transformation Rules?
0
 
gheistCommented:
via servlet-mapping in web.xml
0
 
btanExec ConsultantCommented:
indeed using transformation
The HTTP requests and responses received by WebSEAL are expressed as XML objects and can be manipulated using XSL transformations.

You can use XSLT rules to represent the changes that you want to apply to the HTTP requests and responses as they pass through WebSEAL. WebSEAL uses the following two inputs for the HTTP transformations:

An XML representation of the HTTP request or HTTP response.
An XSLT that determines how the request or response is modified.
The output from the transformation is an XML document that outlines the changes required to the HTTP request or HTTP response.
http://www-01.ibm.com/support/knowledgecenter/SSPREK_7.0.0/com.ibm.isam.doc_70/ameb_appl_guide/concept/con_http_transform_rules.html?lang=en

Do check out the scenario examples too
http://www-01.ibm.com/support/knowledgecenter/SSPREK_7.0.0/com.ibm.isam.doc_70/ameb_appl_guide/concept/con_http_trans_scen.html?lang=en-us

For more details, see "HTTP transformations" in "Web Reverse Proxy Configuration" for ISAM for web (ver Version 8.0.0.4) http://www-01.ibm.com/support/docview.wss?uid=swg27042988&aid=4
0
 
TazzEEAuthor Commented:
thanks Btan, will look into this and get back to you
0
 
bbaoIT ConsultantCommented:
> Microsoft has discontinued TMG and as we were only using it as a reverse proxy we decided to go for ISAM

in my understanding to your scenario, i reckon a discontinued product does not mean its life cycle has to be ended from production especially its purpose is limited to a single or few roles. just a personal opinion.
0
 
btanExec ConsultantCommented:
Do see likewise as well - in fact ref to TMG EOL,
Microsoft announced the Forefront TMG 2010 product will be discontinued. Microsoft will continue to provide mainstream support for TMG until April 14, 2015, and extended support until April 14, 2020. The Forefront TMG 2010 Web Protection Services (WPS) will be discontinued on December 31, 2015. Beginning on January 1, 2016, Web Protection Service (URL filtering) will cease to function and the Microsoft Reputation Service (MRS) will be shutdown permanently. Virus and malicious software scanning and the Network Inspection System (NIS) will continue to operate but will no longer receive updates.
It is still good to plan early if the backend is undergoing some timely tech refresh but if does not break existing business, then go into more time to plan out and even co-existence for period to eventually tide over to new systems if there is...otherwise some may just continue as-is since it ain't broken btu the security gaps if any can have some repercussion ... down the business road. MS proposed the next taker but it may not be a 1 to 1 mapping for UAG to TMG though
Looking ahead, Forefront Unified Access Gateway (UAG) 2010 and Forefront Identify Manager (FIM) 2010 R2 both have current roadmaps and will continue to be developed, although it is likely that they will not continue under the Forefront brand name.
http://tmgblog.richardhicks.com/2012/09/12/forefront-tmg-2010-end-of-life-statement/
0
 
TazzEEAuthor Commented:
Hi Btan

would you have an example of the syntax I should be using as I cant seem to get it working

thanks
0
 
btanExec ConsultantCommented:
May have to see if this "Scenario 5: Providing a response to a known HTTP request" can be reuse in your context. http://www-01.ibm.com/support/knowledgecenter/SSPREK_7.0.0/com.ibm.isam.doc_70/ameb_appl_guide/concept/con_http_trans_scenario5.html?lang=en

See also the "Replacing the HTTP response" as to how to manage WebSEAL upon it receiving an HTTPResponseChange document with action="replace" as a result of an HTTP Request or Response modification.
http://www-01.ibm.com/support/knowledgecenter/SSPREK_7.0.0/com.ibm.isam.doc_70/ameb_appl_guide/concept/con_http_trans_replace_rsp.html?lang=en
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Improve Your Query Performance Tuning

In this FREE six-day email course, you'll learn from Janis Griffin, Database Performance Evangelist. She'll teach 12 steps that you can use to optimize your queries as much as possible and see measurable results in your work. Get started today!

  • 4
  • 3
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now