Publishing application like OWA , or RDP to servers to SSL portal.

Reply
Highlighted
L3 Networker

Publishing application like OWA , or RDP to servers to SSL portal.

Hi,

Is it possible to set up the Palo Alto to publish internal applications on the SSL vpn protal ? Just like the Juniper SSL devices lets you do ?

Regards,

Sunil

Highlighted
Not applicable

Re: Publishing application like OWA , or RDP to servers to SSL portal.

No, this is not available.  I wish it was as it would be a great addition to the product line.

Highlighted
L3 Networker

Re: Publishing application like OWA , or RDP to servers to SSL portal.

Thanks,

Yes ,  most customers ask for this ability when they look at the SSL VPN component of the product.

Does anyone know if this feature will be available in the product anytime soon ?

Regards,

Sunil

L4 Transporter

Re: Publishing application like OWA , or RDP to servers to SSL portal.

Hi Sunil,

I guess part of the reason to do this was to give a sense of application control.  The Palo Alto Networks solution will give full security once you gain access to the SSL VPN and/or GlobalProtect.  This is done by user, application, HIP - which is not available on most remote access solutions.

Shortcuts/bookmarks can be pushed to client stations through GPO or done manually by the user.

I think the game has shifted a little and the use cases can be reviewed.  A full portal may still make sense in some areas - but worth reviewing the actual requirements.

Thanks

James

Highlighted
L3 Networker

Re: Publishing application like OWA , or RDP to servers to SSL portal.

Hi James,

Thanks for the detailed response. It makes sense from a security perspective becuase of palo's ability to secure and control applications . Most customers who ask for the published services on the SSL portal would like to use clientless SSL that lets you reverse proxy to the published applications on the web browser. This is also useful when you connect using a mobile device like an Iphone or even a device which is not yours , a friends machine or a device on another company network where you cant really install an SSL client, I guess clientless vpns just runs a Java applet on your browser.

The other aspect that comes to mind is the convenience of having the published applications to be clicked , as we go to multiple access devices (some which cant be controlled using GPO) , like mobile devices , tablets and other operating systems it just seems more convenient to have a web interface where all access channels are published.  We can still run all the Palo Next generation firewall features of application control , IPS etc across these sessions also.

Just thinking out loud.

Regards,

Sunil

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!