Secure Mobile Access 100 10.2 Administration Guide

Portals > Application Offloading

The Portals > Application Offloading page in the Secure Mobile Access management interface provides an overview of the Application Offloading functionality available from the Portals > Portals page. No configuration is available on this page.

Application Offloading provides secure access to both internal and publicly hosted Web applications. An application offloading host is created as a special-purpose portal with an associated virtual host acting as a proxy for the backend Web application.

Unlike HTTP(S) bookmarks, access to offloaded applications is not limited to remote users. The administrator can enforce strong authentication and access policies for specific users or groups. For instance, in an organization, certain guest users might need Two-factor or Client Certificate authentication to access Outlook Web Access (OWA) but are not allowed to access OWA public folders. If authentication is enabled, multiple layers of SonicWall advanced authentication features such as One Time Password, Two-factor Authentication, Client Certificate Authentication and Single Sign-On can be applied on top of each other for the offloaded host.

The portal must be configured as a virtual host with a suitable Secure Mobile Access domain. It is possible to disable authentication and access policy enforcement for such an offloaded host.

Web transactions can be centrally monitored by viewing the logs. In addition, Web Application Firewall can protect these hosts from any unexpected intrusion, such as Cross-site scripting or SQL Injection.

Access to offloaded Web applications happens seamlessly as URLs in the proxied page are not rewritten in the manner used by HTTP or HTTPS bookmarks.

An offloaded Web application has the following advantages over configuring the Web application as an HTTP(S) bookmark in Secure Mobile Access:

  • No URL rewriting is necessary, thereby improving the throughput tremendously.
  • The functionality of the original Web application is retained almost completely, while an HTTP(S) bookmark is only a best-effort solution.
  • Application offloading extends Secure Mobile Access security features to publicly hosted Web sites.

Application offloading can be used in any of the following scenarios:

  • To function as an SSL off loader and add HTTPS support to the offloaded Web application, using the integrated SSL accelerator hardware of the SMA appliance.
  • In conjunction with the Web Application Firewall subscription service to provide the offloaded Web application continuous protection from malicious Web attacks.
  • To add strong or stacked authentication to the offloaded Web application, including Two-factor authentication, One Time Passwords and Client Certificate authentication.
  • To control granular access to the offloaded Web application using global, group or user-based access policies.
  • To support Web applications not currently supported by HTTP/HTTPS bookmarks. Application Offloading does not require URL rewriting, thereby delivering complete application functionality without compromising throughput.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.