A: WAP is a reverse proxy solution that publishes internal web applications for external access. The concept behind it is to streamline how users authenticate to web applications, and to provide a simple, integrated solution for both federation and remote access. In addition, WAP is designed to support consumer devices, BYOD initiatives, and Office application access.
A: Infrastructure requires:
The Celestix SecureAccess solution can be configured for either role. Also, three types of certificates are required:
A: WAP allows nonmanaged computers, tablets, and smart phones to access published resources with no additional requirements.
A: No. Recommended deployments should have edge security and a backend firewall
A: Unless there are specific concerns or policies, the WAP server only needs to be joined to the production Active Directory when you are using Kerberos Constrained Delegation for application access.
A: Typically, the WAP server is placed in a DMZ segment to support external users while the AD FS server is installed in your internal network. This is subject to your organization’s security policy.
A: The short answer is yes. The federation server fully qualified domain name (FQDN) is the same for internal and external users. Internal users need to resolve the name to the internal AD FS server, whereas the external users need to be redirected to the external facing WAP servers. While there are methods to provide name resolution, for example adding a host record, split DNS is usually the recommended approach.
A: Yes, it supports translation of URLs from their external name to an internal name, as well as TCP ports. WAP also supports HTTPS, and HTTPS to HTTP bridging.
A: If you are using either product for publishing internal applications, the WAP feature on the E Series could be a good fit. It offers new functionality that MSA does not have, namely the inclusion of federation services and enabling cloud application authentication.
Celestix Networks, Inc
North America: 510 668.0700EMEA : +44 (0)203 900 3737Asia : +65 6958 0822Japan : +81 3 5210 2991