Web Proxy

更新时间:2023-11-29 15:53:18

1. Usage Scenario

This page configures the web proxy for browser access and watermark policy.

Customers can add web proxy for users to visit their applications (http/https/ssh*/rdp* based applications ) via browser. Browser access can be used for users who are not convenient to install ESA client, like:

  • 3rd party partner users
  • part time staffs
  • contractors

With the proxy configured, when users access the application via browser, the URL visited will be a proxied URL instead of real address. In this way, we can protect application address from been exposed.

2. Operation Steps

1) Go to Web Security Gateway–>Basic Configuration to configure your web proxy server.

2) For security access, we recommend customers to use your own certificate and domain for web access.
Here are the steps:

  • Config a domain and upload certificate. We suggest to use 4-level domain name, For example: alex.esa.ABC.com. ABC refers to your company name.
  • Contact CDNetworks technical service to config CNAME to ESA platform. After configuration, CDNetworks technical service will return the CNAME domain, for example: nsesa.cdnetworks.com
  • On your name server, CNAME or NS your domain: *.esa.ABC.com or .esa.ABC.com (depends on your NS format) to nsesa.cdnetworks.com
  • After configuration completed, please send the alex.esa.ABC.com URL to your users.

There are two options for Proxy Authentication:
Secure authentication (recommended): means account authentication is required when user access login via web browser
Free authentication: means no account authentication is needed to access applications. This may be used in scenarios like API access.

China Premium Service控制台自助配置功能上线

3) User login: Copy the proxy URL: alex.esa.ABC.com to browser and then you will get ESA login page.
China Premium Service控制台自助配置功能上线

After login to ESA via URL, when user visit the application, for example: ERP, the actual visiting URL will be erp.esa.ABC.com. Users are visiting the proxied domain instead of real domain. By doing this, we can shield your applications from been exposed to Internet.

本篇文档内容对您是否有帮助?
有帮助
我要反馈
提交成功!非常感谢您的反馈,我们会继续努力做到更好!