Sun Microsystems 2005Q1 Server User Manual


 
Secure Remote Access
Chapter 1 Portal Server Architecture 25
Each enterprise assesses its own needs and plans its own deployment of Java
Enterprise System technology. The optimal deployment for each enterprise
depends on the type of applications that Java Enterprise System technology
supports, the number of users, the kind of hardware that is available, and other
considerations of this type.
Portal Server is able to work with previously installed software components. In this
case, Portal Server uses the installed software when the software is an appropriate
version.
Secure Remote Access
Sun Java System Portal Server Secure Remote Access (SRA) offers browser-based
secure access to portal content and services from any remote browser enabled with
Java technology.
SRA is accessible to users from any Java technology-enabled browser, eliminating
the need for client software. Integration with Portal Server software ensures that
users receive secure encrypted access to the content and services that users have
permission to access.
SRA is targeted toward enterprises deploying highly secure remote access portals.
These portals emphasize security, protection, and privacy of intranet resources.
The SRA services–Access List, the Gateway, NetFile, Netlet, and Proxylet– enable
users to securely access intranet resources through the Internet without exposing
these resources to the Internet.
Portal Server runs in open mode and secure mode, that is, either without SRA or
with SRA.
Portal Sever in Open Mode
In open mode, Portal Server is installed without SRA. The typical public portal
runs without secure access using only the HTTP protocol. Although you can
configure Portal Server to use the HTTPS protocol in open mode (either during or
after installation), secure remote access is not possible. This means that users
cannot access remote file systems and applications.
The main difference between an open portal and a secure portal is that the services
presented by the open portal typically reside within the demilitarized zone (DMZ)
and not within the secured intranet.