The major benefit with using the Winsock Redirector Service to control clients who have the WGIC installed, is its ability to control how client applications will be treated when they make requests through WinGate to the Internet. You can configure application control from both the WGIC configuration on the client machine, or from various places in the WinGate Management console when you are administering WinGate.
Since the WGIC has an MSI installer, it makes it ideal form of control which can be easily rolled out to a Windows Active Directory network. With sufficient Windows policy, the WGIC can be preconfigured to handle applications according to administrative requirements. The WGIC application allows you to specify how applications on that machine should be handled using the Winsock Redirector protocol. There are a number of different modes that applications can be set to in the WGIC configuration.
When using a WinGate script system (such as the Lua or Javascript event processors) or a configuration that has access to a Symbol browser, the Winsock Redirector Service can make available data related to the various WRS events. It will register its own Session object that provides data related to the WRS event. The Session object provides a range of methods including a Session.Application method so you can determine the name and type of application which is making the request through WinGate from a WGIC machine.
This means that you could determine what WGIC client application caused the WRS events to take place. This allows good control over what applications clients are using to make requests to the Internet.
e.g. A script could contain:
Session.Application.Contains("example.exe",0)
This would check to see if the application making the request from the WGIC machine was called example.exe.
The WRS will register the Application control policy item with the Policy system. This is only available to policies that are based on the WRS::ApplicationLoad event and can be conveniently placed inside the policy flow chart in order to control the attributes of the WGIC application making connections through WinGate.
When used in conjunction with a script policy item, applications can be identified by the script policy item and handled by the Application Control policy item accordingly.
The Application control policy item has a number of control options:
Allow application to have network access
This allows the application to make a connection through WinGate regardless of its destination. This option is checked by default.
Application makes connections through WinGate
This setting determines whether the application is allowed to make requests to the Internet through WinGate.
Application can receive connections via WinGate
This setting essentially allows you to have server applications on the WGIC machine receive inbound connections through WinGate from the Internet. This similar to setting the server application to Global mode on the WGIC machine.
Read more about allowing WGIC machines to receive connections from the Internet
Monitor connection with WinGate Monitor
This setting allows the use of the WinGate monitor.
The policy flow chart example below, shows the steps required to create a policy based on the WRS::ApplicationLoad event. This policy will use the Expression Evaluator policy item to determine what application is creating the event. If the application is called example.exe, then the policy will then use the Application Control policy item to set how the application will be handled. If it is any other type of application, then network and in turn Internet access will be denied for that application through WinGate.
(For more information on creating a policy and using the policy editor please refer to the Policy system help)
to browse the Symbol browser for the Session.Application method and insert it at the beginning of the statement.
You can use basic Full-Text Searches against the page title and body to find matching articles. Use the following search modifiers to refine your query:
