Specifications
76
Web Forwarding!
Web forwards provide a secure way of remotely accessing a company’s intranet resources and as such
are an essential tool in helping reduce the risk of unauthorized access to the corporate network. This
chapter covers all the essentials to allow a super user to manage these resources, from what a Web
forward is, how they work to managing them. Web forwards come in three types - tunneled, path based
reverse proxy and replacement proxy. This chapter details each and when best to use each type.
By!the!end!of!thi s!chapter!the!reader!should!have!a!good!underst anding!of!Web! f orwards!and!
how!to!use!them.!
What is a Web Forward?
Simply put, Web forwards redirect HTTP traffic. By creating a Web forward the publisher can make
an internal Web resource accessible to the outside world – without ever having to publish the resource
on to the World Wide Web.
Take for example a company intranet or an internal Web-based application. Without Web forwards
users can only access these resources internally within the LAN. Trying to access these remotely
would mean having to publish these on the Internet. Making a company’s sensitive internal resources
available over an un-trusted publicly accessible network leaves the system vulnerable to attacks.
Web forwards reduce these vulnerabilities by publishing Web forwards on a VPN. The elimination of
the resource from the Internet instantly minimizes the chances of the internal network being
compromised. When accessing the Web resource users have to sign in to the user portal through strict
authentication techniques. During the course of the session the communication channels are secured
through SSL and then to further enhance security your appliance’s policy settings can restrict those
that can even access the Web forward.