|
|
|
Another deployment of the SPS provides access control for external users, but allows direct access to destination servers for internal users. If a destination server provides access to secure applications for individuals within the enterprise, a standard SiteMinder Web Agent can be installed on the destination server to provide access control. Users who are properly authenticated through the SPS can use single sign-on.
The following illustration shows an example of an extranet network deployment.
This deployment provides the following benefits:
All extranet traffic passes through the SPS and is forwarded to the appropriate destination server once users are authenticated and authorized for requested resources.
All information is located behind multiple firewalls to protect from extranet attacks. Information that is appropriate for intranet users does not incur the overhead of agent to SiteMinder communication. SiteMinder can still protect sensitive resources, however.
The SPS and intranet Web Agents use the same Policy Server and provide single sign-on for authorized extranet users on all destination servers.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |