Manualshelf

User`s guide

ManualsBrandsExtended Systems ManualsComputer equipmentOneBridge 4.1
11121314151617181920
8
Deployment Considerations
Before installing OneBridge Sync Server, take a few minutes to review this section. This information is intended to assist you in
making decisions regarding the best installation procedure for your network configuration.
OneBridge Sync Server can be installed to support a variety of network topologies. As the OneBridge Sync Server software
components are deployed within the corporate network, they can be installed on the same server or discretely on multiple
individual computers.
Before installing OneBridge Sync Server, two questions must be answered:
1. How are users going to access the network?
2. Where are the OneBridge Sync Server components going to be installed?
Network Access
A primary installation consideration is how users are going to access network data for synchronization. Will users be
synchronizing only from within the corporate LAN, or also from remote locations via the Internet? If users will be accessing Sync
Server via the Internet, it is recommended that the DMZ Proxy software be installed.
The DMZ Proxy software is a component that can be installed within a corporate DMZ or Firewalling Gateway to bolster security
for devices connecting to the Sync Server from outside the corporate network. The DMZ Proxy is a proxy server or an
application-specific firewall for Sync Server. The use of the DMZ Proxy makes utilizing filtering/firewalling significantly less
complex to set up while enhancing security and ease of use for such functions as auditing (for intrusion detection or usage
monitoring). The DMZ Proxy understands the OneBridge protocol and makes it possible to disallow any connections from the
Internet to the private network. The DMZ Proxy examines and authenticates each connection and checks OneBridge protocol
packets for validity.
The DMZ proxy is configured to forward packets to the Sync Server in the private network. The server's name and port, and the
protocol to be used are configured. You may choose either HTTP or HTTPS for the protocol, however, HTTP is recommended
since the information has already been encrypted. The firewalling/filtering rules between the DMZ and the private network
should be set up to only allow connections to the Sync Server from the DMZ Proxy.
The DMZ Proxy software is installed by choosing either the Multiple Node Installation or the Custom Installation options from the
Main Installation screen. See Installing the DMZ Proxy Software.
Note When using the DMZ Proxy, the public key displayed to users when they first connect to the server is the
public key stored on the DMZ computer. In this case, use the Key Manager program on the DMZ computer to get
the public key used in the Client Deployment Wizard or to provide to users to confirm the server's public key.
Single Node vs. Multiple Node Installation
Another key decision is determining where OneBridge Sync Server software components will reside when installed. Two
installation configurations are provided: Single Node and Multiple Node.
For Single Node installation, all of the OneBridge Sync Server installation components are installed on the same physical
computer. It is not recommended to install single node on the same machine as the groupware or database server.
For Multiple Node installation, the OneBridge Sync Server components are installed on multiple individual computers. This
method should only be used when scalability of the stand-alone configuration is not adequate or the OneBridge Sync Server
software needs to be installed on several nodes/computers to better integrate into existing security policies.
Deployment Methods
Depending on how users will connect, one of the following deployment methods is recommended for the Sync Server software:
Remote, Wireless, and LAN Connection – If users will be synchronizing over an Internet connection as well as using
a physical connection to the network, it is recommended that the DMZ Proxy Stand-alone OneBridge Sync Server
deployment method be used.
LAN Only Connection - If users will be synchronizing only when physically connected to the internal network, it is
recommended that the Stand-alone OneBridge Sync Server deployment method be used.