What is a network-based application?
In simple terms, a network-based application in Safous acts like a traditional VPN, providing secure access to specific networks, IP addresses, or ports using designated protocols.
Prerequisites
To create Network-based applications, you need to have an admin user to configure your environment including adding applications, please check the following KB article to learn more about Admin access in Safous: https://support.safous.com/kb/login-to-admin-portal
Steps
- Log in to Safous Admin Portal
- For Global customers: https://portal.safous.com
- For China customers: https://portal.safous.cn
- Navigate to Settings > ZTNA, Select Networks
- Click the New Network button
- Name: Enter a unique and descriptive name for your application.
- CIDR: Specify the IP address range(s) you want to allow access to. Enter each CIDR on a separate line.
- Site (Optional): Select the specific site if you have a multi-site deployment. It is recommended to choose a site based on the location of the application. If you don't want to specify the site, leave it as all.
- TCP Ports: Enter the TCP port numbers or ranges to allow (e.g., 80, 443, 1-65535). Use commas to separate values and hyphens for ranges.
- UDP Ports: Similar to TCP ports, enter the UDP port number or ranges.
- Name: Enter a unique and descriptive name for your application.
- Once all fields are filled, click the Save button. You will receive a success notification.
Accessing Your New Network Application
To access Network-based applications you've created, you need to ensure the following:
- The user must have been created by the administrator, please refer to here
- The user must have enrolled the MFA and be able to log in successfully, please refer to here
- The administrator must have created a policy granting the user authorization for the network application, please refer to here
- Users can log in to the Safous User Portal using their web browser.
- After logging in, click on "Download Agent" to install the Safous Agent. You can choose one of the agent options to download and use. For general information about the agent, please check here
- Once the agent is installed and connected, users can access the network application. You can verify connection to the network by using standard networking tools like ping or telnet