Managing Application Connections

Application connectivity includes each network connection that the application needs. To build the connectivity requirements for the application, you add connections and then add resources to the source, service and destination of the connections.

Field

Permitted Objects
Source
  • Servers and server groups that are defined for the application (hosts, subnets, IP ranges and load-balancer virtual servers).
  • Network resources that are defined for external applications
  • Users, user groups, or LDAP groups.
  • Any
Service/Application Identity
  • Pre-defined services
  • Custom services or service groups
  • Application Identities
  • Any
Destination
  • Servers and server groups that are defined for the application (hosts, subnets, IP ranges and load-balancer virtual servers).
  • Network resources that are defined for external applications
  • Any

If you have a large number of connections, you can configure how many connections are shown on each page. You can enter the page to go to or click Next or Prev to navigate the connections pages.

To let users create connections that use servers from other applications in both the source and destination, the administrator must enable this permission in Settings > SecureApp Settings: Allow users to create connections with external resources in both source and destination

What can I do on this page?

  • Create a connection, an application interface, or a connection to application

  • Edit the connection: Add resources manually or with connection discovery, remove resources from the connection, or change the list of members in a group that is used in the connection.

    In the connection, click for these actions:

    • Edit connection name and comment - Select Properties to edit the name or comment of the connection.
    • Duplicate connection
    • Repair connection
    • Delete connection: Remove the connection and its details from the application

  • Check connection compliance: Verify if the connection is compliant with organizational security policies, based on the SecureTrack Unified Security Policy. (Requires View security compliance violation permission)

  • Sort the connections: You can sort the connections by these criteria: Name, Date created, Date modified, Status, Tickets, Application, Discovered (Discovery status), Comments. To sort the connections, select from the Sort by dropdown box and click on the ascending or descending arrow.

  • Search in the connections: You can enter one or more application connection search terms (not case-sensitive) to show only the matching connections, external connections, application interface, connections within an application interface, and connections to applications.

  • Review the connection status: See the icon indicating the connection status.To view a detailed analysis of the routing and firewall rules that impact the connection, click on the status icon. For more information, see Monitoring Application Status.

  • Create Ticket: If you have a license for SecureChange, you can create a SecureChange ticket to implement the changes to the connection that you made since the last time you created a SecureChange ticket.

    If you do not have a license for SecureChange, you can click View Ticket to see the connections in an access request format. You can then export the ticket contents to a CSV file so that you can forward the access request details to the team responsible for implementing firewall changes.

    When exporting to a CSV file, or XSLX file, if a special character ( = - + @ ) appears at the beginning of any field, a single quote (') is automatically added before the character.

  • Revert Changes: Click this button to automatically revert all the changes done on the application connections since the last ticket submission. When you click this button, you'll see a list of changes that you can review.

    If there are changes that cannot be automatically reverted, you will see them in this popup. You cannot revert any changes if there are some that cannot be reverted.

    Once a ticket is submitted, this button is disabled until there are new changes on the application connections.

  • Handle Rejected Tickets - Click to handle a rejected ticket.

  • If you have application interfaces or application packs, publish connections - click to publish the connections to application pack to make them available for use. If a new connection is added or a connection is deleted, you must republish for the changes to update other applications.

How Do I Get Here?

Applications > Create an application or select an existing application