Dell SonicWALL Secure Mobile Access 8.5
Administration Guide
36
The Secure Mobile Access administrator can configure Web (HTTP) or Secure Web (HTTPS) bookmarks to allow
user access to web-based resources and applications such as Microsoft OWA Premium, Windows SharePoint 2007,
Novell Groupwise Web Access 7.0, or Domino Web Access 8.0.1, 8.5.1, and 8.5.2 with HTTP(S) reverse proxy
support. Reverse-proxy bookmarks also support the HTTP 1.1 protocol and connection persistence.
HTTPS bookmarks on SMA 400 and SRA 4600 appliances support keys of up to 2048 bits.
HTTP(S) caching is supported on the SMA/SRA appliance for use when it is acting as a proxy Web server deployed
between a remote user and a local Web server. The proxy is allowed to cache HTTP(S) content on the SMA/SRA
appliance which the internal Web server deems cacheable based on the HTTP(S) protocol specifications. For
subsequent requests, the cached content is returned only after ensuring that the user is authenticated with the
SMA/SRA appliance and is cleared for access by the access policies. However, Secure Mobile Access optimizes
traffic to the backend Web server by using TCP connection multiplexing, where a single TCP connection is used
for multiple user sessions to the same web server. Caching is predominantly used for static Web content like
JavaScript files, style sheets, and images. The proxy can parse HTML/JavaScript/CSS documents of indefinite
length. The administrator can enable or disable caching, flush cached content and set the maximum size for the
cache.
Content received by the SMA/SRA appliance from the local Web server is compressed using
gzip
before sending
it over the Internet to the remote client. Compressing content sent from the appliance saves bandwidth and
results in higher throughput. Furthermore, only compressed content is cached, saving nearly 40-50 percent of
the required memory. Note that gzip compression is not available on the local (clear text side) of the SMA/SRA
appliance, or for HTTPS requests from the remote client.
Telnet (Java)
Java-based Telnet client is delivered through the remote user’s Web browser. The remote user can specify the IP
address of any accessible Telnet server and the SMA/SRA appliance makes a connection to the server.
Communication between the user over SSL and the server is proxied using native Telnet. The Telnet applet
supports MS JVM (Microsoft Java Virtual Machine) in Internet Explorer, and requires Sun Java Runtime
Environment (JRE) 1.1 or higher for other browsers. Telnet also supports HTML5 and Smart Access selection.
SSHv1 and SSHv2 (Java)
Java-based SSH clients delivered through the remote user’s Web browser. The remote user can specify the IP
address of any accessible SSH server and the SMA/SRA appliance makes a connection to the server.
Communication between the user over SSL and the server is proxied using natively encrypted SSH. The SSHv1
applet supports MS JVM in Internet Explorer, and requires SUN JRE 1.1 for other browsers. SSHv2 provides
stronger encryption and has other advanced features, and can only connect to a server that supports SSHv2.
SSHv2 support sets the terminal type to VT100. SSHv2 requires JRE 1.6.0_10 or higher, available from
. SSHv2 also supports HTML5 and Smart Access selection.
FTP (Web)
Proxy access to an FTP server on the internal network, the Internet, or any other network segment that can be
reached by the SMA/SRA appliance. The remote user communicates with the SMA/SRA appliance by HTTPS and
requests a URL that is retrieved over HTTP by the SMA/SRA appliance, transformed as needed, and returned
encrypted to the remote user. FTP supports 25 character sets, including four Japanese sets, two Chinese sets,
and two Korean sets. The client browser and operating system must support the desired character set, and
language packs might be required. FTP also supports HTML5 and Smart Access selection.
File Shares (CIFS)
File Shares provide remote users with a secure Web interface to Microsoft File Shares using the CIFS (Common
Internet File System) or the older SMB (Server Message Block) protocols. Using a Web interface similar in style to
Microsoft’s familiar Network Neighborhood or My Network Places, File Shares allow users with appropriate
permissions to browse network shares, rename, delete, retrieve, and upload files, and to create bookmarks for
later recall. File shares can be configured to allow restricted server path access.