|
|
|
Enterprises that provide access to network resources for employees, customers, and partners face a number of challenges, including:
SiteMinder provides solutions to many of these challenges, including authentication and authorization of users, and a complex engine for evaluating user entitlements. The SPS further expands the benefits of core Policy Server and Web Agent functionality by providing a reverse proxy solution.
This reverse proxy solution adds the following capabilities:
You can deploy the SPS in an enterprise to serve the following functions:
To limit access to destination servers and provide a central entry point to the network, the SPS can be placed in front of all destination servers in the enterprise. HTTP or HTTPS requests that come into the enterprise can be filtered through the SPS, and forwarded to the appropriate destination server for fulfillment.
The following illustration shows how the SPS handles all HTTP and HTTPS requests.
Destination servers that contain content do not require SiteMinder Web Agents. The only network element that resides behind the first firewall is the SPS. All users must be authenticated and authorized by SiteMinder residing behind the second firewall. The destination servers provide content after SiteMinder and the SPS verify user entitlements.
This deployment provides the following benefits:
The SPS uses proxy rules defined in XML configuration files to establish how the SPS handles requests. Proxy rules can be based on:
In addition, the conditions for proxy rules can be nested to create rules that incorporate multiple conditions.
All HTTP and HTTPS traffic passes through the SPS. Based on the proxy rules established for the SPS, requests are forwarded to the appropriate destination servers for fulfillment.
The SPS uses the built-in web agent to communicate with SiteMinder and perform authentication and authorization of requests.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |