cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Relay Server, SUP, Afaria and personal devices

Former Member

on ‎10-02-2013 5:12 AM

0 Kudos

Hi all,

Assuming that we have the following architecture:

Relay Server installed in the DMZ;

SUP and Afaria installed on the internal network.

The connection to the SUP, through the relay server, was validated by the container hybrid (HWC) installed on a mobile device with android.

A DNS was assigned to the public IP. Therefore, when configuring the HWC, we used a valid address (RS) to connect to the SUP. The connection worked normally.

From this moment came a question:

Assuming that a user has two mobile devices: A personal and other corporate use.

How can we ensure that it will not launch settings (Relay Server / SUP) on your personal device? Is possible to control through the mac address of the device? Someone has was faced with this question.

I'm currently evaluating the Common Security Infrastructure component (CSI - security framework SMP) in search of answers.

Regards,

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

former_member10452
Employee
Employee
‎10-03-2013 9:22 AM
0 Kudos

Hi Fernandes,

You can create channels on your afaria server to restrict the enrollment of devices with it (e.g. Domain setting, email verification, etc) and also on SUP server using valid security configuration for your application (SSO logins, central LDAP basic auth integration, etc).

Ideally in both cases (In Internet and In Corporate Network) device should be able to reach relay server URL.

For this, in internet generally you dont need any proxy settings on your device but in corporate network you might have one for security reasons to reach internet. In this case, you can also open your DMZ relay server ports to be open to your corporate network as well and you would not need proxy settings on the device to connect to it.

Regards,

Abhishek Joshi

Show replies
Show replies
Ask a Question