Home
About UsOur CustomersContact Us 24/7MVP Expert Zone
WRTU
Forefront EDGE | TMG | UAG | IAG | DAForefront Endpoint | FEP | FCSForefront Server | FPE | FPSP | FSOCS | FSMMCIdentity and Access Management | IAM | IDM | FIMGeneral ForefrontMicrosoft Security
Articles
Intelligent Application Gateway | IAG 2007Forefront Unified Access Gateway | UAG 2010Forefront Threat Management Gateway | TMG 2010Forefront UAG DirectAccess | DAForefront Endpoint Protection | FEP 2010Forefront Client Security | FCSForefront Protection for Exchange | FPEForefront Protection for SharePoint | FPSPForefront Security for OCS | FSOCSForefront Server Security Management Console FPMCSForefront Identity Manager | FIM 2010Active Directory SecurityActive Directory Rights Management Services AD RMSActive Directory Federation Services | AD FSActive Directory Certificate Services | AD CS PKI
Videos
Intelligent Application Gateway | IAG 2007Forefront Unified Access Gateway | UAG 2010Forefront Threat Management Gateway | TMG 2010Forefront UAG DirectAccess | DAForefront Endpoint Protection | FEP 2010Forefront Client Security | FCSForefront Protection for Exchange | FPEForefront Protection for SharePoint | FPSPForefront Security for OCS | FSOCSForefront Server Security Management Console FPMSCActive Directory SecurityActive Directory Rights Management Services AD RMSActive Directory Federation Services | AD FSActive Directory Certificate Services | AD CS PKI
Forums
General for all Forums | AnnouncementsIntelligent Application Gateway | IAG 2007Forefront Unified Access Gateway | UAG 2010Forefront Threat Management Gateway | TMG 2010Forefront UAG DirectAccess | DAForefront Client Security | FCSForefront Endpoint Protection | FEP 2010Forefront Online Protection for Exchange | FOPEForefront Protection for Exchange | FPEForefront Protection for SharePoint | FPSPForefront Security for OCS | FSOCSForefront Identity Manage | FIM 2010Active Direcroty SecurityActive Direcroty Rights Management Services AD RMSActive Directory Federation Services | AD FS | WIFActive Directory Certificate Services | AD CS PKI
TechNet Forums
Services
DesignImplementationProject ManagementCustom Development and Customization
Online Training
Online Store
Shopping Cart
Online Support
Online Support and Debugging Tools
ForefrontSecurity TV
 Â Â Â Â Â Â 
Article View
How to customize IAG Application Firewall error pages
Created by Idan on 9/29/2010 2:08:26 PM

Before you begin

Intelligent Application Gateway 2007 (IAG) is not a regular SSL VPN product, IAG includes Application Firewall functionalities that protects internal published web applications through a built-in portal, protects the portal itself and also protect public web sites from Application attacks

In a read world scenarios we want to change the default pages of the product so malicious entities that will try to attack the portal will not identify the product that defend it. Important thing to say is that if malicious entities will really want to identify the product they will manage to do it

The default error pages looks like this:

Prerequisites

To analyze web pages and find specific lines in CSS / HTML pages according to the page design I recommend you to download and use FireBug for Firefox https://addons.mozilla.org/en-US/firefox/addon/1843

Important to know!

  1. You will need basic knowledge in CSS (Cascading Style Sheets) and HTML to custom this pages
  2. You can download the custom code
  3. This is the final custom output of the application firewall error pages:

Configuration Procedures

Phase 1: Copy and Paste the sample files to the CustomUpdate directories

  1. Copy the following files "bottomText.inc", "customDefault.inc", "logo.inc" from c:\Whale-Com\e-Gap\von\InternalSite\samples (see the print screen below

  2. Paste the following files "bottomText.inc", "customDefault.inc", "logo.inc" from c:\Whale-Com\e-Gap\von\InternalSite\inc\CustomUpdate (see the print screen below)

    Change the files names based on the following syntax:

    + <0 or 1 (0 for HTTP trunk and 1 for HTTPS) > + <"FileName.inc">

    For example if your portal name is "portal" and its HTTPS portal, the file name should be "portal0FileName.inc" (see the print screen below)

  3. Copy the following file "template.css" from c:\Whale-Com\e-Gap\von\InternalSite\css (see the print screen below)

  4. Paste the file "template.css" to c:\Whale-Com\e-Gap\von\InternalSite\css\CustomUpdate (see the print screen below)

    Change the file name based on the following syntax:

    + <0 or 1 (0 for HTTP trunk and 1 for HTTPS) > + <"FileName.inc">

    For example if your portal name is "portal" and its HTTPS portal, the file name should be "portal0FileName.inc" (see the print screen below)

  5. Copy your custom LOGO file to c:\Whale-Com\e-Gap\von\InternalSite\Images\CustomUpdate (see the print screen below

  6. The following code describe the original file: "bottomText.inc"

       Â

    

       Â

<%'include file for bottom text%>

        

            

                

            

        

                    <%=GetString(4, "This site is intended only for authorized users.")%>

                    <%=GetString(5, "If you encounter any problems with this site please contact your system administrator at")%> <%=administratorMailAddress%>

                

    

  1. The following code describe the original file: "customDefault.inc"
  2. The following code describe the original file: "logo.inc"

Phase 2: Customize the files in the CustomUpdate directorie

  1. The following code describe the Customize file: portal0bottomText.inc

    In the following file I changed only the marked string

    <%'include file for bottom text%>

  2. The following code describe the Customize file: portal0customDefault.inc

    In the following file I changed only the marked string

  3. The following code describe the Customize file: portal0logo.inc

    This code responsible for following section (and more)

  4. The following code describe the Customize file: portal0template.css

    The blueBorder responsible for the default blue line in the default error page (which I removed)

    You can see that I change it to white = #000000

  5. To find the specific line in the CSS / HTML file you can use Firebug (see the print screen below

Phase 3: Replace the strings on the pages

  1. If you want to remove / replace all the strings that are related to Whale Communication / Intelligent Application Gateway etc ... you will need to copy the file "sample_default.xml" from c:\Whale-Com\e-Gap\von\InternalSite\Languages (see the print screen below)

  2. Paste the file to c:\Whale-Com\e-Gap\von\InternalSite\Languages\CustomUpdate (see the print screen below)
  3. Change the file name from "sample_default.xml" to "Default.xml"

  4. Search and Replace the strings in the file c:\Whale-Com\e-Gap\von\InternalSite\Languages\CustomUpdate\Default.xml
  5. Activate the IAG settings

    This is the final and custom web application firewall web page according to this article

If you have any issues with the following configurations please go to our Technical Forums in the following link: http://Forums.ForefrontSecurity.ORG

powered by metaPost

print
rating
 Comments