Symantec Access Management

  • 1.  Site maintanace

    Posted Jun 07, 2016 11:50 AM


    What is the best pactices we can use siteminder during the production releases? Here is the use case

    We want have a our QA team want to verify our applications before we open up our site for the public after we deployed our applications in productions. QA team will be internal resources and coming in for our local IP address.

     

    One option that I can think of is to create a policy with the our IP address range to let them in to the applications and rest of the user (who are coming from the external IP) direct them to maintenance page.



  • 2.  Re: Site maintanace
    Best Answer

    Broadcom Employee
    Posted Jun 07, 2016 10:11 PM

    Hi Matheen,

     

    I suppose you could use IP based policy to restrict access to your new applications / content before it goes into production and use web agent response redirects to send to your maintenance page.

     

    My suggestion and I believe best practice though would be to perform this testing in a dedicated test environment / QA environment that the end user will never have access to and would be separate from your production site / systems.

     

    If you must do this in production, which again I would advise against doing testing in a production system, I would probably not even let the end user know of the new application or functionality to be brought online. Why make the URL public or release it on your portal or give them access to hack away at it while it is not tested. You can control who can access the site via network policies / proxies / firewall rules so that the site will not be available to the public until properly white listed.

     

    Again though I would encourage doing testing in a test environment and passing all QA tests before releasing something into production.

     

    Thanks,

    Adam