How to Use Application System Protection in Secure Access Gateway - AnySecura Manual
This guide will help you configure the Application System Protection feature within AnySecura's Secure Access Gateway. You'll learn how to define which servers are protected, ensuring only authorized, encrypted processes can access them.
We'll then walk through setting up a custom warning page for unauthorized access attempts and how to bind this protection to specific AnySecura client software, giving you precise control over your secure application environment.
Application system protection, used in conjunction with the encryption client, ensures that only specified processes can access the protected application system server. Additionally, files uploaded locally by the client to the protected server will be decrypted, while files downloaded from the server to the client will be encrypted.
39.7.1 Protection Scope
Go to "Application System Protection -> Protection Scope" to set the application system servers protected by the Secure Access Gateway device. The setup details are as follows:
| Attribute Name | Description |
|---|---|
| IP Address and Port | Set the IP and port parameters for the application system server. Supports setting IP ranges and port ranges. The format can be as follows: IP:Port, e.g., 192.168.1.50:8080 IP:Port Range, e.g.,192.168.1.50:80-8080 IP Range:Port, e.g., 192.168.1.50-192.168.1.60:80 IP Range:Port Range, e.g.,192.168.1.50-192.168.1.60:80-8080 |
| Remarks | Optional remarks. |
Protected application system servers can only be accessed via secure processes. Therefore, after setting up the protected servers, encryption must be enabled for clients in the AnySecura console. Additionally, in "Encryption -> Secure Communication Settings -> Application System Protection," enable "Protection for Application Systems" and set the secure processes.
39.7.2 Warning Page
The warning page serves the purpose of redirecting users who attempt to access the protected range without using a secure process. This page provides relevant notification information.
Go to "Application System Protection -> Warning Page" to configure the settings. The configuration options for the warning page are as follows:
| Attribute Name | Description |
|---|---|
| Default Warning Content | By default, the warning page is a system forwarding page with a pre-configured layout. The system warning page allows guest login. Administrators can modify the page content or reset it to the default layout. |
| Custom Warning Link | If you want to use an existing HTTP server page, you can choose another forwarding page and enter the webpage address. |
39.7.3 Product Binding
By default, no product ID is bound, meaning any secure process can access the protected application system. When a specific product ID is bound, only clients with that product ID can access the protected application server through a secure process. Clients with other product IDs will not be able to access the server through a secure process.