The ease of deployment
goes hand in hand with the ease of implementing popular enterprise applications,
hence the current focus on Application Intelligence in SSL VPNs.
Unlike other SSL VPNs where administrators have to do complicated technical
confi guration in order to get popular internal applications published onto a Web portal,
the IAG 2007 administrator simply selects from a list of ???out of the box??? applications
provided by Microsoft. IAG 2007 then performs most of the setup automatically.
The hard work has been done by Microsoft; they have put together all the popular
applications available and compiled a list of security considerations linked to each
Using Intelligent Application Gateway 2007 ??? Chapter 8 305
application. This is made available as automatic rule sets within IAG 2007 and ISA 2006.
IAG 2007 then has the capacity to be manually changed to comply with nonstandard
back-offi ce systems and policies. This means that security can be tweaked to match
complex security policies with organizations.
The major gain derived from implementing an SSL VPN is enabling access from
computers which are not under company control. Taking this into consideration, the
organization will need to implement endpoint policies to control access to corporate
servers from unmanaged devices. Endpoint policies need to be implemented to state
which conditions must be met by managed or unmanaged devices to gain access to
the organization??™s SSL VPN and or applications made available on the Web portal.
Pages:
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308