Computer Associates recently announced the availability of a product designed to help IT managers control access to back-end Web content.

CA's eTrust SiteMinder Secure Proxy Server (SPS) r6 works with the company's eTrust SiteMinder, a Web security product that provides centralized, policy-based access management and single sign-on to Web applications and resources. SPS extends SiteMinder, CA says, by enabling IT managers to manage access to hosted applications remotely, centrally administer security policies and ensure the integrity of network demilitarized zones (DMZ).

Basically, a proxy server can hide the details of the internal network to external, unauthenticated users.

For example, SiteMinder SPS prevents non-authenticated users from entering the DMZ and keeps the internal network masked from external users.

SiteMinder SPS is physically deployed in the DMZ and communicates with eTrust SiteMinder's Policy Server that sits behind another firewall. SiteMinder SPS' job is to make sure that only traffic from properly authenticated users is allowed through the DMZ. It can enable single sign-on for devices that don't support cookies, such as browsers and some wireless devices. The proxy server can also help route requests to back-end Web servers based on varying factors.

For example, proxy rules can flow requests to destination servers based on factors such as URL query string, host name and HTTP headers.

SiteMinder SPS also supports multiple sessions schemes, such as cookies, SSL session IDs, device IDs, IP addresses and URL re-writing.

SiteMinder SPS r6 is generally available now. Pricing information is available from CA representatives.

Ann Bednarz is associate news editor at Network World.