About access to internal file systems with IAG

Applies To: Intelligent Application Gateway (IAG)

Whale Communications Intelligent Application Gateway (IAG) 2007 provides two applications that enable remote users to access file systems on the internal network:

  • Local drive mapping application

  • File Access application

About local drive mapping

The Local Drive Mapping application enables you to map internal Windows shared network folders (shares) to network drives on a remote client endpoint. Users can then connect to the folders directly on the remote client endpoint, and depending on policy configuration, they can download and upload files to and from those folders. Local Drive Mapping is supported on client endpoint computers that run Windows XP, Windows Server 2003, or Windows 2000 Server operating systems.

It is recommended that local drive mapping is only enabled for client endpoints that comply with your corporate client endpoint policy. For example, you can configure a client endpoint policy to specify that only client endpoints running the latest version of corporate antivirus software are allowed to access internal shares. For more information about configuring client endpoint policies, see Managing IAG client endpoint policies.

For more information about configuring local drive mapping, see Configuring remote access to mapped Windows shares with IAG.

You allow remote access to folders by adding the Local Drive Mapping application to a portal trunk. You can enable access to multiple shares by adding multiple Local Drive Mapping applications, one for each share. For more information see Enabling UPN logon for forms-based authentication to IAG.

About file access

File Access is a Web application that enables authorized remote users to access, view, and download files from internal Windows network and Novell NetWare file servers, from any location, and it allows users to upload files to the servers by using a browser. Through an IAG portal, File Access presents remote users with an Explorer-like view, from which all permitted file folders can be accessed.

The File Access application enables you to define domains, servers, and shares which are accessible to authorized remote users over the Internet. The existing network resource definitions are used as the basis for the File Access definitions, including:

  • Domains

  • Servers

  • Shares

  • Individual user permissions

After you define File Access resources, remote users are able to view only the specific folders for which they already have access permissions within the organization. These will invariably be a subset of the cross-organization domains, servers, and shares, defined for File Access. However, if the remote user has permission to access a certain domain, server, or share that was not defined as part of the File Access, these locations will not be accessible, regardless of such permission.

For more information about configuring file access, see Configuring remote access to file servers with IAG.

You allow remote access to file servers by adding the File Access application to a portal trunk. For more information, see Enabling UPN logon for forms-based authentication to IAG.