Managing Resources

Network applications require that software components in different locations connect to each other and transfer data using specific services. The resources defined in SecureApp include the following:

Field

Permitted Objects
Source and Destination Servers and server groups: Can be hosts, IP ranges, subnets, load balancers and virtual servers.
Source only
  • Users: Defined by name and IP.
  • LDAP: Group imported from an LDAP active directory.
Services/Application identities
  • Services: Selected from SecureApp's services list of common services and/or defined custom services and service groups.
  • Application identities: The application level protocol used to connect sources and destinations, such as Facebook Apps. When creating your connections, you can select application identities from a predefined list in SecureApp.

To define resources, you can:

  • Automatically discover connection resources from device usage logs. Available on single domain mode only (see Enabling Multi-Domain in SecureApp for more information).
  • Automatically discover application connections and resources from firewall policies using the Application Setup Tool. Available on single domain mode only. For more information, contact Professional Services.
  • Import resources from an external database or file.
  • Manually create individual or groups of servers, users or services.

    Application identities are not created but selected from a comprehensive list available in SecureApp.

Once you define these resources, you can use them to build the required connections.

If a server is already defined for another application, you can use that server in the connection without defining a new server for your application.

If you edit the IP address of a resource or a member of a resource group, you can save the change and open a ticket to update the firewall rules that use the resource. The ticket includes "Drop" access requests for the connections that use the old details of the resource and "Accept" access requests for the same connections with the new details of the resource.