Showing results for 
Search instead for 
Did you mean: 

Clientless Core Web Access required to access Sharepoint, etc?

Not applicable

Clientless Core Web Access required to access Sharepoint, etc?

I'm a mechanical engineering consultant, and I need to give customers, vendors, and partners access to my network. I am running Windows Small Business Server 2003, and critical applications are Exchange, Sharepoint, Terminal Server, and Remote Desktop. All of these are part of the vanilla SBS 2003 installation.

Ease of setup is critical - especially for customers - so SSL VPN seems to be the right choice for me. I am talking with a couple of IT vendors and resellers, but I am trying to educate myself at the same time. I've read through a lot of the sales literature on Juniper's site, and I am beginning to grasp the capabilities and limitations of the available systems. I would appreciate if the participants here could confirm or correct the following for me:

(1) User licensing is based on concurrent users, not named users. So if I purchase a 10-user license, I could create as many named accounts for customers, vendors, and partners as required, but only 10 of them could be logged in at a time.

(2) I am considering the SA700. The Clientless Core Web Access option is required for my users to be able to access the Exchange Server, Sharepoint Server, and Terminal Server (have I forgotten anything?) that is provided as part of my Small Business Server installation.

I _really_ hope that the second one isn't true. If it is, are IP/SEC VPNs crippled in this same way? And what _can_ users do with the base system and no CCWA option? I'm basing my understanding on this description of the option, from the Juniper site:

Clientless Core Web access

- Access to Web-based applications,
including JavaScript, XML, or Flashbased
apps and Java applets, as
well as e-mail, Windows and UNIX file
share, telnet/SSH hosted-applications,
Citrix and Windows Terminal Services,
Terminal Emulation, etc.

- Provides the most easily accessible
form of application and resource
access from a variety of end-user
devices, and enables granular security
control options

Thanks for your help.

Rob Campbell
Frequent Contributor

Re: Clientless Core Web Access required to access Sharepoint, etc?


You may want to take this with a grain of salt since I've not worked with an SA700. I have however deployed SA1000s to SA6000s. From what I know of IVE, you will be able to handle access to Sharepoint, as well as TS/RDP. I'm not too sure about Exchange though. If you're using OWA, the answer is yes. But, if you actually want to allow a user with an Outlook client to connect to an Exchange server, I think you will need to utilize either Secure Application Manager or Network Connect. Folks, please chime in if I'm mistaken.
Frequent Contributor

Re: Clientless Core Web Access required to access Sharepoint, etc?

I think Red has it right. As to IPSEC VPN's - you've in effect created a tunnel between your network and the client - so the only restrictions on access are those you choose to enable. The Network Connect client serves much the same purpose, and would allow your customers to access Exchange natively (using Outlook, etc). Note that although these are client apps, they are served up on-demand - there is no need for your customers to pre-install or set anything up. So from an ease-of-support perspective I think this is still a good option for you (and OWA ain't all that bad...)


Respected Contributor

Re: Clientless Core Web Access required to access Sharepoint, etc?

Hi Imagitec,

You are correct on your 1st query; you purchase licenses for how many simultaneous users you would like to have active sessions.

The Core Clientless Web Access license enables you as the admin to create web, file, and telnet/SSH bookmarks for users rather than requiring the use of Network Connect. If your users will need an RDP connection, you will need to either enable Network Connect for those users or use one of the other devices such as an SA 2000.

You are correct in that for the SharePoint, OWA, and other web-based access the CCWA will work successfully for you. For anything that requires a client, such as RDP, you would need to enable Network Connect.

Without the CCWA option, users can do anything they can when they are in the office. The base SA 700 system includes Network Connect, the full VPN client. You configure the servers you want to allow access to for the role(s), the users login, launch Network Connect, and then the application they would normally use. If, for example, they would launch IE for SharePoint, that is what they do. If there is a database application, they would launch that and connect as usual.

Hope that helps.