Incorrectly configured <Admin> layers can cause login-related issues and security risks such as the following:
Unable to log out of the ProxySG Web-Console. Clicking the logout button just refreshes the page and the administrator remains logged in.
No password prompt when accessing the Web-Console. Anyone who tries to log in to the proxy's Web-Console is given access without authentication.
These issues occur when the <Admin> layer(s) are not set up correctly. One possible scenario is an “Admin Access Layer” that is present without a corresponding “Admin Auth Layer”. In that case, a rule in the “Admin Access Layer” such as the following results in unrestricted access:
<Admin> ALLOW admin.access=(READ, WRITE)
The above rule gives anyone “Read-Write” access to the ProxySG without any authentication, because there is no “Admin Auth Layer”.
Important: Admin Access Layers should be carefully designed. Rules like the one above can grant full admin rights to the wrong users.
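The scenario above can be checked for in exported policy text. The following Python script is an added example, not part of the original article or the vendor's tooling: it flags ALLOW admin.access rules in <Admin> layers when no <Admin> layer requests authentication. It assumes the Admin Auth Layer appears in the policy text as an authenticate(...) action and that ';' starts a comment; the function name, realm names and sample policies are constructed.

```python
import re

LAYER_RE = re.compile(r"^<\s*([A-Za-z-]+)\s*>(.*)$")
AUTH_RE = re.compile(r"\bauthenticate\s*\(", re.I)
ALLOW_ACCESS_RE = re.compile(r"^allow\b.*\badmin\.access\s*=", re.I)


def unauthenticated_admin_allows(policy_text):
    """Return [(line_no, rule)] for ALLOW admin.access rules in <Admin>
    layers when no <Admin> layer contains an authenticate(...) action."""
    layer = None
    has_admin_auth = False
    allows = []
    for line_no, raw in enumerate(policy_text.splitlines(), 1):
        line = raw.split(";", 1)[0].strip()  # assumption: ';' starts a comment
        header = LAYER_RE.match(line)
        if header:
            layer = header.group(1).lower()
            # A rule may follow the header on the same line, as on this page.
            line = header.group(2).strip()
        if layer != "admin" or not line:
            continue
        if AUTH_RE.search(line):  # assumption: how the Admin Auth Layer shows up
            has_admin_auth = True
        if ALLOW_ACCESS_RE.search(line):
            allows.append((line_no, line))
    # Presence check only: rule order and conditions are not evaluated.
    return [] if has_admin_auth else allows


# Constructed sample policies; realm names are hypothetical.
ACCESS_ONLY = (
    "<Proxy>\n"
    "    authenticate(proxy_realm) ; proxy traffic only, not admin logins\n"
    "<Admin> ALLOW admin.access=(READ, WRITE)\n"
)
WITH_AUTH = "<Admin>\n    authenticate(admin_realm)\n" + ACCESS_ONLY

if __name__ == "__main__":
    for name, text in (("ACCESS_ONLY", ACCESS_ONLY), ("WITH_AUTH", WITH_AUTH)):
        for line_no, rule in unauthenticated_admin_allows(text):
            print(f"{name}: line {line_no}: ALLOW without an Admin auth rule: {rule}")
```

An empty result only means an authenticate(...) action exists somewhere in an <Admin> layer; the policy should still be reviewed to confirm that it applies to the access rules.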
Imported Document ID: 000015939