Guide
TrainingSupportCommunity

Set up services for an application

Suggest Edits

These configurations of services for your application are optional and include:

  • Data compression services. By default Enterprise Application Access compresses all traffic. To disable compression, deselect the box.

  • URL rewrite services. Improve site delivery and optimize the content from your applications.

  • Internet Content Adaptation Protocol (ICAP) services. Service Chaining with Internet Content Adaptation Protocol (ICAP).

  • URL path-based services. When applications have specific URL paths that must be treated differently from URL paths to the main application, use URL path-based rules to enable or disable authentication or redirect to a different group of servers.

Data compression services

Disable default traffic compression.

  1. Log in to Enterprise Center.

  2. In the Enterprise Center navigation menu, select Application Access > Applications > Applications.

  3. Select your application to open it.

  4. In Services deselect Compression.

  5. Click Save and Deploy.

URL rewrite services

In Enterprise Application Access you can configure URL rewrite rules globally, or by type.

Global rewrite rules may apply to all content types and make a general correction to the URL strings. If you use an ​Akamai​ domain as the external hostname for an application with absolute URLs, a global rule to rewrite the internal application name to the external application name delivers ease of use content rewriting.

URL rewriting improves site delivery by optimizing the content from your applications. In Enterprise Application Access URL rewrite rules are often necessary when internal and external hostnames for an application differ. For example, some links may try to serve content from the intranet to external users. In this case, the link fails and the application does not serve content. Once the URL path is rewritten, the link goes to the external site and is able to serve the content.

The below table describes five rewrite type options available that apply to either the response or the request to help fix broken links.

Content typeDescription
Content rewriteThe internal path is in the original string and the external path is in the replacement string. Here Enterprise Application Access looks at the response packet to rewrite.
Post body rewriteThere is a body to content that is uploaded and posted in formats such as JSON, XML, or others. For post body rewrite, content is rewritten on its way back to the user from the server. The original string contains the external path and the replacement string contains the internal path. Here Enterprise Application Access looks at the request packet to rewrite.
Query body rewriteA user may use the external path to write content. Here Enterprise Application Access looks at the request packet to rewrite.
Location rewriteHere EAA Client looks at the response packet to rewrite.
Cookie rewriteThis is an uncommon case. Cookies are usually used to maintain the state of the application. If user is unexpectedly logged out of a session, a cookie rewrite rule may help. In this case, the original string carries the internal path and the replacement string carries the external path.

Rewrite groups allow you to apply rewrite rules across distinct applications that are related to one another.

  1. Log in to Enterprise Center.

  2. In the Enterprise Center navigation menu, select Application Access > Applications > Applications.

  3. Select your application to open it.

  4. Enable Services > Rewrite.

  5. Click Add Rule (+).

  6. Enter a name for the rule and click Add.

  7. Click Edit Rule for the new rule you added. Complete the rewrite attribute fields.

  8. Click Save Rule ().
    To delete the rule, you can click the Delete rule to remove it.

  9. Click Save and Deploy.

For groups see Create application groups for rewrite rules.

Internet Content Adaptation Protocol (ICAP) services

The Internet Content Adaptation Protocol (ICAP) is designed to offload the processing of Internet-based content to dedicated servers. ICAP helps free up resources and standardize how features are implemented. ICAP is a lightweight protocol for executing a remote procedure call on HTTP messages. It allows ICAP clients to pass HTTP messages to ICAP servers. Enterprise Application Access (EAA) allows administrators to do service chaining with existing, co-located security appliances that support ICAP protocol for further processing of files being sent to and from users. Examples of ICAP servers includes enterprise antivirus appliance, IPS/IDS service, and others.

The ICAP configuration fields are:

  • Service Name. Enter a descriptive name for the service.

  • Host. Enter the host or IP address of the co-located ICAP server to leverage with the Enterprise Application Access Cloud service. This field is optional.

  • Port. Enter the port number used by the ICAP server. The default entry is 1344.

  • Health Check. To turn health checks on the ICAP server off, select OFF from the menu. To turn health checks for the ICAP server on, select either the ICAP protocol or TCP protocol. If you select TCP, health checks run using a TCP-only protocol.

  • HTTP methods. Depending on the application the HTTP method may determine the directionality of the file transfer. For example, a POST may correspond to a file upload and a GET may correspond to the file download. Select the methods to specify the direction for file transfers to forward to the ICAP server for further processing. By default POST is selected.

  • Secure ICAP. Select this option to use the secure version of the ICAP protocol with the EAA connector. This is optional.

  • Max File Size. Enter the maximum file size, in megabytes, that should be sent to the ICAP server for processing. By default, this is set to 500 MB.

  • Exceeds Max File Size. If the file exceeds the maximum file size, select either Deny to reject the file transfer or Ignore to forward the transfer request to the application server without any further processing. By default, this is set to Deny.

Configure Internet Content Adaptation Protocol (ICAP) for an application.

  1. Log in to Enterprise Center.

  2. In the Enterprise Center navigation menu, select Application Access > Applications > Applications.

  3. Select your application to open it.

  4. Enable Services > ICAP.

  5. Click Add Rule (+).

  6. Complete the ICAP configuration fields as necessary.

  7. Click Save and Deploy.

URL path-based services

Applications may have one or more origin servers from which they serve content. These servers can be configured to handle a URL path and allow customers to specify a set of servers for each URL path. When applications have specific URL paths that must be treated differently from URL paths to the main application, use URL path-based rules to enable or disable authentication or redirect to a different group of servers. For example, if your application has a special content page located at http://myapp.com/content that is served from a different server than what the main application is served from, and requires no authentication, you can disable authentication to this URL path and redirect to a separate server group for just the /content URL path.

📘

Note

You cannot use wildcards in the URL path for path-based services.

In Enterprise Application Access URL path-based policies are an advanced configuration setting. Your rule can specify a load balancing group, configure server load balancing, and health check configuration attributes. Configuring URL paths in Enterprise Application Access helps to meet the configuration requirements of the applications themselves. If you do not define URL path-based rules, Enterprise Application Access default is to the main server set given in the application configuration.

  1. Log in to Enterprise Center.

  2. In the Enterprise Center navigation menu, select Application Access > Applications > Applications.

  3. Select your application to open it.

  4. Enable Services > URL path-based policies.

  5. Click Add Rule (+).

  6. Enter a name for the rule and a URL path.

  7. Click Save Rule ().

  8. Enter the IP address of the server to redirect traffic to.
    Hover over the lens icon on the left of the rule. Make sure the health check configuration information is correct.

  9. Click the Edit Rule and complete the server load balancing, health check configuration information.

  10. Click Save and Deploy.

Updated over 1 year ago