Upload
others
View
32
Download
0
Embed Size (px)
Citation preview
Installation Guide
version 2.6 March 2015
Secure Intranet Gateway GLOBO Plc.
Copyright Notice and Usage Terms This guide is Copyright © 2012 GLOBO. All Rights Reserved. Permission is granted to make and distribute verbatim copies of this documentation provided the copyright notice and this permission notice are preserved on all copies. Permission is granted to copy and distribute modified versions of this documentation under the conditions for verbatim copying, provided that the entire resulting derived work is distributed under the terms of a permission notice identical to this one.
Disclaimer Information in this document is subject to change without notice and does not represent a commitment on the part of GLOBO.
Installation Guide version 2.6 Introduction i
Contents
Introduction 1
Installation Overview 5
Pre-installation requirements and considerations 6
Integration options supported by SIG .............................................................. 6 Deployment options and Network connectivity requirements ........................ 7 Minimum system requirements ..................................................................... 12
Downloading the installer 13
Installing the configuration utility of SIG 14
Running the configuration wizard 19
Selecting Component to Install ...................................................................... 19 Secure Intranet Gateway configuration ......................................................... 20
Step 1: About .................................................................................... 20 Step 2: Prerequisites ......................................................................... 22 Step 3: Settings ................................................................................. 23 Step 4: Software Update ................................................................... 24 Step 5: Registration ........................................................................... 27
Secure Intranet Gateway Router configuration ............................................. 31 Step 1: About .................................................................................... 31 Step 2: Prerequisites ......................................................................... 32 Step 3: Settings ................................................................................. 33 Step 4: Software Update ................................................................... 34 Step 5: Final Check ............................................................................ 37
Uninstalling Secure Intranet Gateway 39
Appendices 44
Appendix A – Support for multiple GO!ES systems ........................................ 44
For More Information 46
Installation Guide version 2.6 Introduction 1
Introduction
About This Guide
The purpose of this guide is to help IT personnel to install a stand-alone instance of the Secure Intranet Gateway (SIG).
About Secure Intranet Gateway (SIG)
Secure Intranet Gateway (SIG) is the component of GLOBO’s enterprise mobility platform which enables secure access to web-based or other applications residing within the company network (e.g. company intranet, corporate databases, accounting, customer management).
The Secure Intranet Gateway (SIG) is used for supplementing the following GLOBO’s enterprise mobility solutions:
GO!Enterprise for secure browsing as well as connecting to remote mail & files, databases and other data sources for GO!Apps
GO!Enterprise247 for secure browsing as well as connecting to databases and other data sources for GO!Apps
GO!AppZone for connecting to databases and other data sources for GO!Apps
SIG and GO!Enterprise
When the GO!Enterprise solution needs to access corporate resources which do not reside at the same network as the GO!Enterprise Server, then it is necessary to use a stand-alone instance of SIG to enable secure access to these resources.
The following scheme presents the SIG as stand-alone component, which resides within the company’s network, enabling secure access to the corporate resources of this location.
Installation Guide version 2.6 Introduction 2
This SIG setup can be replicated more than one time to cover other remote locations. Thus, multiple SIG instances can form a “farm” around the same GO!Enterprise Server, serving all different needs.
Every SIG instance is registered against the GO!Enterprise Server and serves requests (in co-operation with GO!Enterprise Server) for authentication and other security context based functions.
SIG and GO!Enterprise247
If you want to supplement the standard mobility services provided by the cloud hosted GO!Enterprise247 with additional corporate-specific services, then it is necessary to use a stand-alone instance of SIG to enable secure access to the required corporate resources.
The following scheme presents the SIG as stand-alone component, which resides within the company’s network, enabling secure access to the corporate resources of this location.
Installation Guide version 2.6 Introduction 3
This SIG setup can be replicated more than one time to cover other remote locations. Thus, the multiple SIG instances form a parallel cloud that co-exists with the cloud-hosted core.
Every SIG instance is registered against the GO!Enterprise247 and serves requests for authentication and other security context based functions.
SIG and GO!AppZone
The GO!AppZone platform is the perfect environment for developing, testing, building and deploying cross-platform mobile apps. It includes:
GO!AppZone Studio, a visual IDE for rapid mobile app development
GO!AppZone Test, a cloud service with a companion app for easy testing on different mobile devices
GO!AppZone Build, a cloud-based compiler for producing app-store ready or enterprise-ready mobile apps
GO!AppZone Deploy, a mobile back-end as a service (MBaaS) for secure integration with third-party systems, data synchronization, over-the-air app updates, and push notifications
The GO!AppZone platform combines HTML5 and native technologies to implement a flexible architecture for rapid development and deployment of mobile apps. At the core of this architecture lies a mobile app container which hosts and renders application definition files, called GO!Apps. Mobile app containers can optionally use a mobile back-end server for advanced connectivity, synchronization and application management functionalities.
GO!Apps can securely access third-party systems in the corporate LAN using a mobile back-end server (GO!AppZone Test or GO!AppZone Deploy) and a Secure Intranet Gateway (SIG). The SIG is usually
Installation Guide version 2.6 Introduction 4
installed behind an external firewall or in a corporate DMZ and acts as a proxy for all connections between GO!AppZone Test/Deploy servers and enterprise systems in the LAN. All data transmissions between GO!AppZone Deploy servers and the SIG go through a secure channel that protects sensitive data from unauthorized access.
A typical deployment is presented below.
Installation Guide version 2.6 Installation Overview 5
Installation Overview
Solution Components and Installation Modes
Secure Intranet Gateway (SIG) component
The Secure Intranet Gateway is provided as an individual component, that should be installed within the company network together with the applications or systems that need to be connected to GLOBO’s enterprise mobility platform servers. The SIG is usually installed behind an external firewall or in a corporate DMZ and acts as a proxy for all connections between the enterprise systems in the LAN and GLOBO’s enterprise mobility platform servers. All data transmissions between GLOBO’s enterprise mobility platform servers and the SIG go through a secure channel that protects sensitive data from unauthorized access.
Secure Intranet Gateway Router (SIG Router) component
For corporate environments where security policies do not allow public-facing servers to directly connect to servers in the corporate LAN, it is possible to perform what is called a “split-mode” installation. In this scenario, the SIG resides in the corporate LAN and is accessible via another component, the Secure Intranet Gateway Router (SIG Router) which is installed in the corporate DMZ.
Procedure Outline
To install the above solution components, you need to:
1 Download the SIG installer.
2 Install the configuration utility (wizard) of SIG.
3 Run the configuration wizard and follow the relevant installation instructions.
Note: You need to log in as a user with Administrator Privileges on the Windows Server where the solution’s components will be installed.
Tip: If you have already installed and run the configuration utility and you want to modify the configuration, you can run again the configuration utility. The utility will display the current configuration of the component and will guide you about which settings are allowed to be modified.
Before proceeding with the Secure Intranet Gateway installation procedure, it is highly recommended to check carefully the prerequisites that apply to your installation scenario and make sure that the relevant specifications are fulfilled.
Installation Guide version 2.6 Pre-installation requirements and considerations 6
Pre-installation requirements and
considerations
Integration options supported by SIG The following tables present the integration and connectivity options that are supported by the SIG.
Authentication and Directory Services
Integration Scope
GO!Enterprise Server 1
LDAP/Active Directory
Exchange Web Services (EWS), public 2
Exchange Web Services (EWS), non-public 1: The authentication credentials of the users are stored at the database of the GO!Enterprise Server. 2: Public means that the system is accessible via the internet.
Email and PIM
Integration Scope
Exchange Web Services (EWS), public 1
Exchange Web Services (EWS), non-public 1: Public means that the system is accessible via the internet. Integration with Lotus Domino is also supported.
Content repositories
Integration Scope
Installation Guide version 2.6 Pre-installation requirements and considerations 7
Files and folders
SharePoint, public 1
SharePoint, non-public 1: Public means that the system is accessible via the internet.
Connectivity with back-end systems
Connectivity option
SQL server 1
MySQL
Oracle
SOAP
WCF
REST
ODBC 1: It is required that the SQL server is configured to listen on a static port (e.g. 1433)
Deployment options and Network connectivity
requirements SIG can be installed in one of the following topologies:
Compact mode: The SIG is installed in a public/DMZ internet enabled zone.
Installation Guide version 2.6 Pre-installation requirements and considerations 8
Split mode: The SIG is installed behind the DMZ (keeping it protected from free public access) while, additionally, the SIG Router is installed in the DMZ.
For both Compact Mode and Split Mode, the necessary outbound connections must be allowed so that the SIG can reach the required remotely located GLOBO’s enterprise mobility platform server(s).
Specifically:
If you have: SIG should be able to reach: From ports:
GO!Enterprise The GO!Enterprise server which runs on your organization premises
80 and 443
GO!Enterprise247 The GO!Enterprise247 domain which has been registered to your organization
80 and 443
GO!AppZone The following domain: .goappzone.com 80 and 443
Installation Guide version 2.6 Pre-installation requirements and considerations 9
Furthermore, depending on the installation topology, the following network connectivity requirements must be fulfilled:
Topology Network connectivity requirements
Compact Mode
SIG should be able to:
Listen from the Internet (any source) to port 22*
Reach the organization’s backend systems (at the local corporate network) which need to be accessed from GLOBO’s enterprise mobility platform servers from the corresponding ports**
Split Mode SIG Router should be able to:
Listen from the Internet (any source) to port 22*
Reach the SIG from port 22*
SIG should be able to:
Listen from the public IP of the SIG Router to port 22*
Reach the organization’s backend systems (at the local corporate network) which need to be accessed from GLOBO’s enterprise mobility platform servers from the corresponding ports**
* Port 22 is the default setting but it is possible to use a different port.
** It is highly recommended that the SIG can access only those corporate resources which are necessary for your GO!Apps.
Proxy Servers
If proxy servers will be used, you need to configure the relevant proxy settings.
See:
Defining proxy settings for the Secure Intranet Gateway.
Defining proxy settings for the Secure Intranet Gateway Router.
Example of a deployment
Assume you want GO!AppZone to access your organization’s LDAP and SQL servers. For example:
System IP (internal) Port
LDAP 192.168.10.12 389
Installation Guide version 2.6 Pre-installation requirements and considerations 10
SQL Server 192.168.10.100 1433
Case 1: Compact Mode
You set up a SIG in the DMZ. For example:
System IP (public) Port
SIG 54.86.200.30 22
You need to specify the following for the firewalls:
Internal Firewall:
Source Destination Port Action
54.86.200.30 192.168.10.12 389 Permit
54.86.200.30 192.168.10.100 1433 Permit
External Firewall:
Source Destination Port Action
Any 54.86.200.30 22 Permit
You also need to ensure that:
54.86.200.30 can reach the domain .goappzone.com from ports 80 and 443.
Installation Guide version 2.6 Pre-installation requirements and considerations 11
Case 2: Split Mode
You set up a SIG behind the DMZ and a SIG router in DMZ. For example:
System IP Port
SIG 192.168.10.240 (internal) 2225
SIG router 54.86.200.45 (external) 22
You need to specify the relevant rules for the firewalls:
Internal Firewall:
Source Destination Port Action
54.86.200.45 192.168.10.240 2225 Permit
External Firewall:
Source Destination Port Action
Any 54.86.200.45 22 Permit
You also need to ensure that:
192.168.10.240 can reach the domain .goappzone.com from ports 80 and 443.
Installation Guide version 2.6 Pre-installation requirements and considerations 12
Minimum system requirements
SIG
4GB RAM
Windows 7, Windows 8.x, Windows Server 2003 or later (Windows Server operating systems are recommended for corporate production environments)
Microsoft .NET Framework 3.5 SP1 and .NET Framework 4
Access to servers and/or services of the GLOBO’s enterprise mobility platform (e.g. GO!Enterprise Server, GO!Enterprise247, GO!AppZone Test, GO!AppZone) – see: Deployment options and Network connectivity requirements
SIG Router (optional)
4GB RAM
Windows Server 2003 or later
Microsoft .NET Framework 3.5 SP1 and .NET Framework 4
Access to servers and/or services of the GLOBO’s enterprise mobility platform (e.g. GO!Enterprise Server, GO!Enterprise247, GO!AppZone Test, GO!AppZone) – see: Deployment options and Network connectivity requirements
Installation Guide version 2.6 Downloading the installer 13
Downloading the installer
Depending on which enterprise mobility solution you are using, navigate to the respective location to download the SIG’s installer.
GO!Enterprise
While at the Admin Console, navigate to:
System menu > Secure Intranet Gateway
GO!Enterprise247
While at the Admin Console, navigate to:
System menu > Secure Intranet Gateway
Or
Support menu > Help Desk > Downloads
GO!AppZone
While at the GO!AppZone site (www.goappzone.com), navigate to :
Resources menu > Downloads
Then, scroll down to Secure Intranet Gateway
Installation Guide version 2.6 Installing the configuration utility of SIG 14
Installing the configuration utility of
SIG
Step 1: Initiate the setup procedure
Initiating the executable installer file displays a wizard which will guide you through the required actions.
Throughout the procedure, clicking:
Next advances you to the next step,
Back takes you to the previous step
Cancel aborts the procedure.
Installation Guide version 2.6 Installing the configuration utility of SIG 15
Step 2: Accept License Agreement
This screen details the License Agreement and it is advised that you carefully read the relevant EULA terms & conditions to check that you agree with them.
You must accept the License Agreement, otherwise you cannot proceed to the next step of the installation procedure.
Step 3: Select installation folder
The default location where the SIG will be installed is displayed, but you can specify an alternative location.
Installation Guide version 2.6 Installing the configuration utility of SIG 16
Step 4: Set off the installation
Select Install to proceed with the installation.
Installation Guide version 2.6 Installing the configuration utility of SIG 17
Step 5: Conclude the installation procedure
Wait while the SIG is being installed and when the installation is completed, the following screen is displayed.
Installation Guide version 2.6 Installing the configuration utility of SIG 18
If you want the Secure Intranet Gateway Configurator to start automatically right after clicking Finish, leave the Launch Secure Intranet Gateway Configurator checkbox selected. Otherwise, clear the checkbox. In any case, you can manually launch the configurator from the applications menu (see: Running the configuration wizard).
Installation Guide version 2.6 Running the configuration wizard 19
Running the configuration wizard
If, during the installation procedure, you have selected to launch the configuration process after the installation is completed, it will start automatically. Otherwise you can launch the Secure Intranet Gateway Configurator from the applications menu. For example:
Selecting Component to Install Once the configuration is initiated, you are requested to choose which component you want to install (for information about the installation modes, see: Deployment options and Network connectivity requirements).
Installation Guide version 2.6 Running the configuration wizard 20
Select:
Secure Intranet Gateway, to install the SIG – see: Secure Intranet Gateway configuration .
Secure Intranet Gateway Router, to install the SIG Router – see: Secure Intranet Gateway Router configuration.
Note: If you are implementing a scenario which requires installation of Secure Intranet Gateway Router, you must install it before installing Secure Intranet Gateway.
Secure Intranet Gateway configuration To install the Secure Intranet Gateway you must execute the following steps.
Step 1: About
This is the welcome screen of the SIG configuration.
Installation Guide version 2.6 Running the configuration wizard 21
Throughout the procedure, clicking:
Next advances you to the next step,
Back takes you to the previous step
Cancel aborts the procedure.
Important notifications, if any, are displayed at the lower part of the window (e.g. for downloading newer versions of SIG components).
Defining proxy settings for the Secure Intranet Gateway
At this step, you are also prompted with the following message: If you are using proxy server, please click here. By selecting click here, a window is displayed where you can specify proxy settings.
To retrieve the System Proxy Settings (i.e. the proxy settings that are displayed in Internet Explore at Internet Options > Connections > LAN settings), select Restore Default Proxy. The System Proxy Settings are retrieved and displayed at the relevant fields. If necessary, make any further modifications and then continue to the next step.
Installation Guide version 2.6 Running the configuration wizard 22
About Proxy Servers
In order to meet an organization’s network infrastructure security policies, there are three potentially different proxy servers that can independently be configured for each of the following:
The configuration utility (wizard) of Secure Intranet Gateway. This is configured here (i.e. at Step 1: About ) and is the proxy server which is used by the configuration utility of Secure Intranet Gateway for accessing the necessary internet/intranet resources, in order to properly set up and update the relevant components of the Secure Intranet Gateway.
The secure browsing functionality. This is configured at Step 3: Settings and is the proxy server which is used by the Secure browsing functionality of the Secure Intranet Gateway for properly accessing the necessary internet/intranet resources.
Per each registered GO!Enterprise / GO!AppZone server. This is configured at Step 5: Registration (at Registering this SIG to a new server) and is the proxy server which is used by the Secure Intranet Gateway for performing registration actions to the corresponding GO!Enterprise GO!AppZone server.
Step 2: Prerequisites
At this step, it is verified that essential installation prerequisites are fulfilled.
Installation Guide version 2.6 Running the configuration wizard 23
Step 3: Settings
You need to specify the Server public name of the SIG server. This is the server that is registered with GO!Enterprise Server or GO!AppZone and it must be accessible from the internet (i.e. must be a public Domain Name / IP address).
Attention: In case of split mode, this must be the name/IP of the SIG router.
The TCP Port for external use is a standard TCP port that is necessary for supporting the functionality of the Secure Intranet Gateway. Its purpose is to serve encrypted requests which are initiated by GO!Enterprise/GO!AppZone servers and GO!Enterprise Workspace mobile clients. The specified port must currently be available (free) and thereafter should not be used by another application or process.
You can use the Test access to this port from internet link to check that there is network connectivity from the internet towards the specified server though the defined port.
The TCP Port for internal use is a standard TCP port that is necessary for supporting the secure browsing functionality of the Secure Intranet Gateway. Its purpose is to serve inter-process communication between the Secure Intranet Gateway components. It only accepts connections from the loopback interface (localhost/127.0.0.1). The specified port must currently be available (free) and thereafter should not be used by another application or process. This setting is not relevant for GO!AppZone deployments.
Installation Guide version 2.6 Running the configuration wizard 24
Proxy Server
If you will not use a proxy server for secure communications, leave the Use proxy server for Secure Browsing functionality option unselected. Otherwise, select it and specify the relevant proxy settings.
See: Defining proxy settings for the Secure Intranet Gateway for more information about the proxy servers.
GO!Files application accessibility
In case the Secure Intranet Gateway will be used to support a GO!Enterprise Server deployment that provides the GO!Files app, you need to specify the public name or IP of that GO!Enterprise Server.
Note: When using the Secure Intranet Gateway to support GO!AppZone services, you can disregard this setting and leave it empty.
Step 4: Software Update
The system checks to determine if there are software updates. If so, the Install option becomes available. Select Install to update the installation with the latest software.
Installation Guide version 2.6 Running the configuration wizard 25
The relevant updates are downloaded and installed.
Installation Guide version 2.6 Running the configuration wizard 26
Selecting the Click here link, you can select individual components and force their updating.
Installation Guide version 2.6 Running the configuration wizard 27
Step 5: Registration
SIG can be configured to communicate with one or more servers.
Here, you can see a list of the servers to which the specific SIG has been registered.
Installation Guide version 2.6 Running the configuration wizard 28
The checkmark under the Active column indicates that the operation between the SIG and the particular server is normal. If there is no checkmark, it implies that there is some problem (e.g. network connectivity between the SIG and the particular server is lost, or, SIG has been deleted from this server through the GO!Enterprise Server Administration Console). In this case, the SIG stops serving any requests related to that server. The status of Active is refreshed each time this page is displayed.
Select Register with new server to register the SIG to a new GO!Enterprise Server, GO!Enterprise247 or with GO!AppZone cloud services – see: Registering this SIG to a new server.
Once the SIG is successfully registered to a server, that server is displayed in the list.
To view or edit the Details of a registered server, click next to the corresponding server.
To Revoke a SIG from a server, click next to the corresponding server. You will be asked to provide the respective credentials.
To Unregister a SIG from a server, click next to the corresponding server. You will be asked to provide the respective credentials. This action removes the SIG from the particular server and vice-versa.
To Test the connectivity of the SIG with a registered server, click next to the corresponding server.
To Delete a server from the SIG, click next to the corresponding server. This action can be performed only when there is a problem in the operation between the SIG and the particular server, i.e. Active is not selected. It removes the particular server from the SIG but the SIG
Installation Guide version 2.6 Running the configuration wizard 29
remains visible at the server side. Note: It is not recommended to use this option unless for some reason you cannot perform the Unregister action.
For additional information about registering SIG to multiple servers as well as revoking or unregistering it, see: Appendix A – Support for multiple GO!ES systems.
Registering this SIG to a new server
You can register a SIG to a GO!Enterprise Server Instance, GO!Enterprise247 or GO!AppZone.
For each server you can optionally specify the relevant proxy settings
See: Defining proxy settings for the Secure Intranet Gateway for more information about the proxy servers.
Register SIG to a GO!Enterprise Server instance or GO!Enterprise247
Select GO!Enterprise as the Server Type.
Specify the Domain Name (or IP address) and optionally the Proxy Settings.
Examples of Domain Name:
56.2.14.80 or myCompany.247.mobi
Select OK and enter the credentials of a GO!Enterprise user whose role is Administrator or Moderator. In case of Administrator role credentials, the SIG is registered to the organization NONE. In case of
Installation Guide version 2.6 Running the configuration wizard 30
Moderator role credentials, the SIG is registered only under the organization of the particular Moderator.
You can also specify if the connection will use secure URL.
Register SIG to GO!AppZone
Select GO!Appzone as the Server Type and optionally specify the Proxy Settings.
Select OK and enter the credentials of a user/organization that is registered to GO!AppZone,
You can also specify if the connection will use secure URL.
Installation Guide version 2.6 Running the configuration wizard 31
Secure Intranet Gateway Router configuration To install the Secure Intranet Gateway Router you must execute the following steps.
Step 1: About
This is the welcome screen of the Secure Intranet Gateway Router configuration.
Throughout the procedure, clicking:
Next advances you to the next step,
Back takes you to the previous step
Cancel aborts the procedure.
Important notifications, if any, are displayed at the lower part of the window (e.g. for downloading newer version of SIG components).
Installation Guide version 2.6 Running the configuration wizard 32
Defining proxy settings for the Secure Intranet Gateway Router
At this step, you are also prompted with the following message: If you are using proxy server, please click here. By selecting click here, a window is displayed where you can specify proxy settings.
To retrieve the System Proxy Settings (i.e. the proxy settings that are displayed in Internet Explore at Internet Options > Connections > LAN settings), select Restore Default Proxy. The System Proxy Settings are retrieved and displayed at the relevant fields. If necessary, make any further modifications and then continue to the next step.
This proxy server which is configured here is used by the configuration utility of Secure Intranet Gateway Router for accessing the necessary internet/intranet resources, in order to properly set up and update the relevant components of the Secure Intranet Gateway Router.
Step 2: Prerequisites
At this step, a check is performed to verify the Operating System’s compatibility.
Installation Guide version 2.6 Running the configuration wizard 33
Step 3: Settings
Here, you need to specify:
The port on which the SIG Router will listen for and receive public requests.
The domain name or IP address of the Secure Intranet Gateway (SIG) server to which the SIG router will forward the public requests.
The secure port which the SIG router will use when forwarding the public requests to the SIG server. The same port must be specified for SIG (see: Step 3: Settings under Secure Intranet Gateway configuration).
Installation Guide version 2.6 Running the configuration wizard 34
Step 4: Software Update
The system checks to determine if there are software updates. If so, the Install option becomes available. Select Install to update the installation with the latest software.
Installation Guide version 2.6 Running the configuration wizard 35
The relevant updates are downloaded and installed.
Installation Guide version 2.6 Running the configuration wizard 36
Selecting the Click here link, you can select individual components and force their updating.
Installation Guide version 2.6 Running the configuration wizard 37
Step 5: Final Check
In the final step, the configurator checks that the SIG router is listening on the port that has been earlier specified. You are also prompted to ensure that the SIG server is accessible from the internet on the particular port in order to route the requests to the specified SIG server.
Installation Guide version 2.6 Running the configuration wizard 38
If you want to repeat all checks, select Recheck. Otherwise, select Finish to conclude the configuration.
Installation Guide version 2.6 Uninstalling Secure Intranet Gateway 39
Uninstalling Secure Intranet
Gateway
Ensure that you have a logged in as a user with Administrator Privileges on the Windows Server where the Secure Intranet Gateway is installed.
To uninstall the Secure Intranet Gateway, go to the Windows applications menu (e.g. Start > All Programs > Secure Intranet Gateway Configurator) and select:
Remove Installed Components: to uninstall only the Secure Intranet Gateway software components
Uninstall Secure Intranet Gateway Configurator: to uninstall the Secure Intranet Gateway software components as well as the Secure Intranet Gateway Configurator
Installation Guide version 2.6 Uninstalling Secure Intranet Gateway 40
You can partially remove the software by selecting Custom, or completely remove all components by selecting Complete.
Custom Uninstall
Selecting Custom displays a window, in which you can specify the components that you want to uninstall.
Installation Guide version 2.6 Uninstalling Secure Intranet Gateway 41
Click Next. At the window that is displayed, review the components that will be removed and click Uninstall to remove them.
Installation Guide version 2.6 Uninstalling Secure Intranet Gateway 42
Complete Uninstall
To uninstall all components, select Complete. At the window that is displayed, review the components that will be removed and click Uninstall to remove them.
Installation Guide version 2.6 Uninstalling Secure Intranet Gateway 43
Installation Guide version 2.6 Appendices 44
Appendices
Appendix A – Support for multiple GO!ES systems In case two or more GO!Enterprise servers need to access the same corporate resources, the same SIG can be registered to all of them so only one SIG is necessary for accessing these corporate resources.
Registering a SIG to a server
Upon registration of the SIG to a GO!Enterprise Server (through the SIG’s configuration utility), a unique security key pair is created by the SIG and it is communicated to the corresponding GO!Enterprise Server. This unique key pair is also communicated to the mobile devices that are handled by this server. When the SIG receives a request from a mobile device, it uses this key pair to authenticate the device and permit access to the relevant data sources.
In the example of the following figure (KeyX refers to a pair of keys), Key1 is associated with Server A and Key2 is associated with Server B. Key1 is also communicated to the mobile devices of Group A while Key2 is communicated to those of Group B. If a mobile device makes a request from the SIG using Key1, the SIG recognizes that the mobile device belongs to Group A and grants access to the data sources as specified by GO!Enterprise Server A.
Installation Guide version 2.6 Appendices 45
Unregistering a SIG from a server
When unregistering a SIG from a GO!Enterprise Server (either through the SIG’s configuration utility or by using the Admin Console of the relevant GO!Enterprise Server), the SIG no longer permits access to the mobile devices handled by this server. In other words, any existing link between the two is permanently deleted.
In the above example, if the SIG is unregistered from Server A, then the mobile devices of Group A can no longer access the corporate resources and services behind the particular SIG. On the other hand, Server B and the mobile devices of Group B continue to function as expected.
Revoking a SIG from a server
When revoking a SIG from a GO!Enterprise Server (either through the SIG’s configuration utility or by using the Admin Console of the relevant GO!Enterprise Server), a new security key pair is created by the SIG and it is communicated back to the GO!Enterprise Server. Mobile devices that are handled by this server cannot access the data sources behind this SIG until their profile is updated so that they receive the new key pair.
In the above example, if the SIG is revoked from Server A, then any mobile device of Group A that has not updated its profile can no longer access the corporate resources and services behind the particular SIG (the key it currently has is no longer valid). Once the new profile is applied, the mobile device uses the updated key and it can now access the data sources behind this SIG, as before. On the other hand, Server B and the mobile devices of Group B continue to function as expected.
Installation Guide version 2.6 For More Information 46
For More Information
Visit our site www.globoplc.com to learn more about GO!Enterprise and GLOBO’s Enterprise Mobility solutions.
About GLOBO plc
As a leading provider of mobile services to the enterprise GLOBO is pioneering a new era in mobilizing business. Its revolutionary products enable businesses to become more competitive by giving staff secure access to critical applications whilst on the go using their mobile phone or a tablet PC. Founded in 1997, the company is listed on the London Stock Exchange (GBO.LN). GLOBO is widely regarded as one of the most innovative companies due to its ongoing investment in research and development.
Contact Information
New York
247, West 35th Street
11th Floor Front, New York 10001
Tel.: +1 646 307 1614
London
41, Lothbury
EC2R 7HG, U.K.
Tel.: +44 (0) 207 378 8828
Athens
67, E. Antistaseos Street
152 31 Halandri, Greece
Tel.: +30 21 21 21 7000
Website
www.globoplc.com
All brands, products, service names and logos used herein are trademarks and/or registered trademarks of their respective manufacturers and companies.