Skip to main content

Check out Interactive Visual Stories to gain hands-on experience with the SSE product features. Click here.

Skyhigh Security

Add Applications

 
icons.png  Watch an interactive demo on Private Access User Launchpad  
 

Add applications within an application group to logically manage different applications as one entity. Intended users can access these applications based on the rules applied in the private access policies.

  • Any PA app where the server initiates the connection is not supported. Eg: active FTP, where the client waits for the server to initiate the connection. This will not work as a PA app.
  • Access is only restricted based on the Host and Port fields not on the configured protocol.

To add an application:

  1. Go to Settings > Infrastructure > Private Access Configuration.

Screenshot (248).png

  1. Click Applications tab.

Screenshot (249).png

  1. Under the Action menu, click Add Application.

Screenshot (250).png

A new Add Application window appears.

Screenshot (251).png

Screenshot (258).png

  1. Complete the following fields:
  • Name. Enter the name of the application.
  • Protocol. Select the protocol used to access an application. Supported protocols are HTTP, HTTPS, SSH, RDP, and Others (TCP). 

NOTES:  

  • The Port field automatically populates the default port used by the selected protocol. If you do not want to use the default port numbers, you can change them. Make sure to specify the port when you select Others (TCP).
  • If your private application uses SMB protocol (port 445), then make sure to enable the Include traffic originating from OS Core option in the SCP configuration policy (.opg) file before exporting it.
  • Host. Enter the fully qualified domain name (FQDN) of the application. You can add "*" before the domain to match every web request sent to a domain. For example, you can add **sky.com, app1.sky.com, app2.sky.com Add a Private Access Policy that allows this host. You can view all these hosts on the Discovered Private Applications page.

    NOTES: When a smart match host is added to a PA App configuration, all the matching apps must be reachable from all the connectors in that group.

    When a smart match host is added to a PA App configuration, ensure that no other PA host matches that smart match host. E.g: if *sky.com, is a smart match host, then app1.sky.com, app2.sky.com shouldn't be added

  • Port. Displays the port used to connect an application for the selected protocol. You can specify the ports in multiple different ways - Range (80-90), Individual (80, 90, 8080), or both (100-300, 80, 90) 

NOTE: You cannot add multiple applications with the same protocol, host, and port. 

  • Application Group. Select an application group from the drop-down list or enter an application group name to create a new application group.
  • Assign Connector Groups. Assign an existing connector group or create a connector group and assign it to an application. Click Select to assign an existing group or select New to add a connector group. 

NOTE: Any PA app that is public should be reachable directly from the connector, without any proxy in between the connector and the PA app 

  • Users with Visiblity in Launchpad - Select the user to access an application. The selected users and user groups can view this application in their Private Application launchpad. 

NOTE: By default, all the applications will be visible to user lists and user groups. 

  •  User Names/List
    • Manually enter users - Enter the user name manually. Multiple users should be separated by a comma.

      Screenshot (296).png
       
    • Use a List - Select the User List from the available user lists.

      Screenshot (276).png

      Click Show selected only to view the list of selected user lists.

      Screenshot (276)_1.png
       
  • User Groups - Select a User Group from the list of available user groups. To create a new list/group, see List Catalog.

    Screenshot (277).png

    Click Show selected only to view the list of selected user groups.

    Screenshot (278).png
  1.  Click Save

Screenshot (279).png

Screenshot (280).png

 

  • Was this article helpful?