Geocortex Security Configuration and ArcGIS Portal: request for advice

Hi Geocortex Users,

 

I am soliciting advice about which choice to make to configure security.

 

Here is my scenario. We have an Enterprise Advanced ArcGIS Server behind our firewall. We want to open it up to ArcGIS Online by installing an ESRI Reverse Proxy. We also have ArcGIS Portal. And, of course, we have Geocortex. We have a single non-federated Active Directory for users.

 

Our goal is to have 3 groups be able to authenticate:

1. For internal users only (behind the firewall): Active Directory users with Geocortex Identity server providing roles. (our AD is not very flexible for managing groups).
2. For internal and external ArcGIS Online users: use ArcGIS Portal to authenticate.
3. For public user: grant anonymous access to a limited set of layers.

 

 

So… what to do?

1. Upgrade Servers and Client from 10.2.2 to 10.4.x.
2. Get SSL certification.
3. Reinstall Webadaptor to get SSL.
4. Install reverse proxy in the internet DMZ.
5. Install Portal behind firewall.
6. Configure Portal to use LDAP.
7. Federate ArcGIS Server to Portal.
8. Configure Geocortex Security to use ArcGIS Portal.
9. Also configure Geocortex to use Geocortex Identity Server so AD users can connect in office but have role defined by Geocortex.

What's your advice for config?

 

 

 

Wiley

 

 

 

Contra Costa County, CA

 

Public Works Department