More high
310 Chapter 8 ??? Using Intelligent Application Gateway 2007
availability servers can be added to the confi guration by navigating to the Admin High
availability servers menu in the menu bar of the IAG Confi guration page.
The advanced trunk confi guration section allows the SSL VPN administrator to
confi gure options otherwise left unconfi gured by default. These options include:
?– Server Certifi cate Certifi cate issued to the external site.
?– Website Logging Enable detailed Web portal logging.
?– Authenticate User on Session Login What type of authentication used.
?– Logoff Scheme Logoff URL, message, and session termination.
?– Session Confi guration Session limits and attachment wiper.
?– Endpoint Policies Web portal endpoint policies.
?– Application Customization Allows IAG to customize published applications.
?– Application Access Portal The intelligent application portal.
?– URL Inspection See host address translation (HAT).
Figure 8.7 Security and Networking
The major technical challenge SSL VPN administrators face regarding providing
access to internal applications across the Internet is within the applications internal
references. IAG 2007??™s host address translation (HAT) engine encrypts and translates
any number of internal host names to a single external host name. End users will
never have the ability to launch attacks based on what they see in the Web portal.
Pages:
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313