How to configure the endpoint detection policy in Intelligent Application Gateway (IAG) to specifically detect Internet Explorer 7

When you use Intelligent Application Gateway (IAG), you may have to restrict client users to use certain browsers because of your corporate browser standards, because of application compatibility, or because of security concerns. In the Policy Editor, you can select Internet Explorer 5.0 and Higher for a browser detection policy. However, this browser detection policy detects any versions of Internet Explorer that are equal to or later than version 5.0.

This article describes how to configure the endpoint detection policy to specifically detect Windows Internet Explorer 7.

To configure the endpoint detection policy to detect Internet Explorer 7, follow these steps.

Preparing the files

1. Copy and paste the following text into Notepad, and then save the file as Detect.inc.

   <%
   g_ScriptList("/InternalSite/CustomUpdate/IE7.vbs") = false
   %>

2. Copy and paste the following text into Notepad, and then save the file as IE7.vbs.

   Results("IE7")=False 
   
   valueVV=Whale.Registry.RegRead(rkHKEY_LOCAL_MACHINE,"SOFTWARE\Microsoft\Internet Explorer\Version Vector","IE") 
   whale.debugecho ("Read value to be (" & value & ")") 
   
   if Err=0 And lcase(valueVV)="7.0000" then 
   Results("IE7")=True 
   Whale.DebugEcho "IE7 registry check PASSED" 
   End If 
   
   If Results("IE7") = False Then 
   Err.Clear 
   valueV=Whale.Registry.RegRead(rkHKEY_LOCAL_MACHINE,"SOFTWARE\Microsoft\Internet Explorer\Version","IE") 
   whale.debugecho ("Read value to be (" & value & ")" )
   End If 
   
   if Results("IE7") = False And Err=0 And lcase(valueV)="7.0000" then 
   Results("IE7")=True 
   Whale.DebugEcho "IE7 registry check PASSED" 
   else 
   Whale.DebugEcho "Error: IE7 registry check FAILED" 
   end if  
   

3. Copy and paste the following text into Notepad, and then save the file as PolicyDefinitions.xml.

   <Categories>
    <Category>
      <Id>IE7</Id>
      <Name>IE7</Name> 
      <Title>IE7</Title>
      <ToolTip>IE7</ToolTip>
      <Help></Help>
      <GuiType>1</GuiType>
      <Width>260</Width>
      <Description>Endpoints Must Meet All the Selected Requirements:</Description>
      <Definition>
       <Condition>AND</Condition>
       <Columns> 
        <Column>
         <Id>IE7</Id>
         <GuiType>CheckBox</GuiType>
         <Type>String</Type>
         <Width>240</Width>
         <Validation></Validation>
         <Name>IE7</Name>
        </Column>
       </Columns>
       <Rows>          
        <Row>
          <Id>IE7</Id>
          <Value>
           <DefaultValue>IE7</DefaultValue>
           <Expression>IE7</Expression>
          </Value>
        </Row>     
       </Rows> 
      </Definition>
    </Category>
   </Categories>
   

4. Copy and paste the following text into Notepad, and then save the file as PolicyTemplate.xml.

   <Policies>
    <!-- Variables -->
    
    <Policy>
     <Name>IE7</Name>
     <ID>IE7</ID>
     <Type>0</Type>
     <Value>False</Value>
     <Description></Description>
     <Section>Variables\IE7</Section>
    </Policy>
   </Policies>
   

File placement

1. Copy the IE7.vbs file into the following folder:
   e-Gap\von\InternalSite\CustomUpdate
   Note Throughout these steps, the e-Gap placeholder represents the folder in which IAG is installed.
2. Copy the PolicyTemplate.xml file and the PolicyDefinitions.xml file into the following folder:
   e-Gap\von\conf\CustomUpdate
3. Rename the Detect.inc file as "TrunkName1detect.inc" or as "TrunkName0detect.inc," as appropriate.
   
   Note Replace the TrunkName placeholder with the name of the trunk. For an HTTPS trunk, rename the file as "TrunkName1detect.inc." For an HTTP trunk, rename the file as "TrunkName0detect.inc."
4. Copy the file that you renamed in step 3 into the following folder:
   e-Gap\von\InternalSite\inc\CustomUpdate

Configuring the detection policies

1. On the server that is running IAG, open the IAG Configuration console. To do this, click Start, point to All Programs, point to Whale Communications IAG, and then click Configuration.
2. On the File menu, click Activate.
3. On the Activate Configuration page, click to select the Apply changes made to external configuration settings check box, and then click Activate.
4. Click OK.
5. Close and then reopen the IAG Configuration console.
6. In the console tree, click the trunk to which you want to apply the Internet Explorer 7 endpoint detection setting, and then click Configure next to Advanced Trunk Configuration.
7. On the Session tab, click Edit Policies, and then click Add.
8. In the Policy Name box, type the name that you want to use for the new policy. For example, type IE7 Required.
9. In the Explanatory Text Added to 'Access Denied' Message box, type a description for the new policy. For example, type To access the gateway site, you must be running Internet Explorer 7.
10. In the navigation pane, click IE7, and then click to select the Enable Group check box.
11. In the Endpoints Must Meet All the Selected Requirements list, click IE7, and then click OK.
12. Click Close.
13. Apply the policy that you created to the specific endpoint actions, and then click OK.
14. On the File menu, click Activate.
15. Click Activate to confirm the activation operation, and then click OK.