Products
Solutions
Partners
Support
Company
Try Now
Pulse Secure Community
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

conditional rewrite

SOLVED
Go to solution
braker_
Frequent Contributor
‎03-07-2013 10:33:AM
‎03-07-2013 10:33:AM

conditional rewrite

Is there a way to setup conditional rewriting based on whether the user has a Network Connect session established or not? We have a few bookmarks on our landing page and I would like to enable rewriting only if the user does not have a Network Connect session.

 

Thanks.

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
SVK_
Regular Contributor
‎03-10-2013 07:20:PM
‎03-10-2013 07:20:PM

Re: conditional rewrite

In that case one of the way to achieve this is, we have to detect if network connect is loaded in the memory or not based on which we can apply a policy.

Create a Host checker policy to evaluate a process dsNetworkConnect.exe. Based on the policy evaluation we can configure a conditional rewriting. would you like to go by this approach?

 

Regards,

SVK

View solution in original post

0 Kudos
8 REPLIES 8
SVK_
Regular Contributor
‎03-07-2013 07:12:PM
‎03-07-2013 07:12:PM

Re: conditional rewrite

with a detailed rules based on a condition we can either allow or deny. in our case the condition being tricky if nc is launched  has to be tested out. I will test this and update.

 

 

other easy option is to remove the browser cookie once NC launches, by which browser session to SA would be terminated and all the traffic will go through Network connect.

This is a new feature and need SA version to be on 7.2RX release.

 

Regards,

SVK

 

0 Kudos
SVK_
Regular Contributor
‎03-07-2013 07:13:PM
‎03-07-2013 07:13:PM

Re: conditional rewrite

for removing the browser cookie please refer the following KB

http://kb.pulsesecure.net/kb21942

0 Kudos
braker_
Frequent Contributor
‎03-08-2013 06:13:AM
‎03-08-2013 06:13:AM

Re: conditional rewrite

Thanks for the reply. I'll look into removing the cookie as an option.

 

Some of our less technical users have grown dependent on the bookmarks as a starting point rather than creating their own favorites for critical resources. Given the choice, I suspect the business would prefer to keep the bookmarks even if that means rewriting unnecessarily. Hoping I could avoid that through conditinal rewirting.

 

-john.

0 Kudos
zanyterp_
Respected Contributor
‎03-10-2013 07:15:PM
‎03-10-2013 07:15:PM

Re: conditional rewrite

Another option would be to use the bookmarks page as just that: a bookmark/landing page BUT not rewrite any of the traffic (or do rewriting for some). In order to reduce the calls from this decision & users not able to get the page, set the bookmarks to all open in a new page
0 Kudos
SVK_
Regular Contributor
‎03-10-2013 07:20:PM
‎03-10-2013 07:20:PM

Re: conditional rewrite

In that case one of the way to achieve this is, we have to detect if network connect is loaded in the memory or not based on which we can apply a policy.

Create a Host checker policy to evaluate a process dsNetworkConnect.exe. Based on the policy evaluation we can configure a conditional rewriting. would you like to go by this approach?

 

Regards,

SVK

0 Kudos
braker_
Frequent Contributor
‎03-11-2013 06:53:AM
‎03-11-2013 06:53:AM

Re: conditional rewrite

Many thanks for the information.

 

What I have done so far is to create a new Host Checker policy. For Window, it detects the process dsNetworkConnect.exe and is set to monitor the rule for for changes. The policy is assigned to evaluate at realm level.

 

I have also created a rewriting policy with detailed rules, one to not rewrite the resource if the HC policy evaluates as true and one to rewrite if the policy evaluates as false.

 

This seems to be working as desired. With NC running, I get the un-rewritten version, when its shut-off, I get the rewritten version.

 

Anything I missed? Are there any drawbacks to this approach in terms of performance, load, etc?

 

What is the equivalent process name for Mac and Linux? 

0 Kudos
SVK_
Regular Contributor
‎03-11-2013 07:50:AM
‎03-11-2013 07:50:AM

Re: conditional rewrite

you have got it configured correctly.


On linux and mac we can achieve this by configuring for host checker for process. this need to be tested.

 

Configuring hostchecker should not any performance issue as this will be evaluated mostly at the client end

 

Regards,

SVK

0 Kudos
SVK_
Regular Contributor
‎03-11-2013 07:58:AM
‎03-11-2013 07:58:AM

Re: conditional rewrite

For Linux and mac configure a host checker policy for process and test the following.

 

Linux : ncsvc

Mac : Network Connect.app

 

please mark this post as 'accepted solution' if this answers your question that way it might help others as well, a kudo would be a bonus thanks

 

Regards,

SVK

0 Kudos
© 2017 Pulse Secure, LLC. Use of this website assumes acceptance of our Legal Notices and Privacy Policy. Pulse Secure has updated its Privacy Policy effective June 28, 2017.