Enterasys Networks Network Card manual Client Synchronization, 124

Client Synchronization

The Aurorean Client installation kit provides your remote users with all the information they need to tunnel into your network for the first time, including ISPs, POP phone numbers, policies, and the IP address of the destination ANG. However, this information may become obsolete if you select additional ISPs, add POP phone numbers, install Aurorean Software Update Service updates, or change the ANG IP address. Using a process known as client synchronization, your Aurorean users can receive updated information with a minimum of effort on your part.

Administrator-controlled client synchronization is a two-part process which works by accessing data files (Data Synchronization) and software files (Software Synchronization) stored on the Aurorean Policy Server. Data files are built when POP package kits or group kits are compiled while the software files consist of pre-standing Aurorean Client application and subsystem executable files. When policies are reconfigured, fresh El Gamal keys created, and new group notices issued, these changes are incorporated in the data files and automatically transferred to your Aurorean users through data synchronization (policies are updated every time a user connects). But, other new settings including new ISPs and POP packages are not transferred during data synchronization unless they have been incorporated in POP package kit and group kit compilations. For those changes to take effect, you must build new POP package and group installation kits for your Aurorean users.

Client synchronization is enabled or disabled on a per group basis. During client synchronization, a portion of the tunnel is taken over as a management channel between the Aurorean Client computer and the APS. The management channel operates in the “background” of your connection without any visible effect on connection performance.

The following process occurs each time a Aurorean user establishes a tunnel connection when both Data and Software Synchronization are enabled:

1The APS determines if client synchronization is enabled for a user’s group.

–If data or software synchronization is disabled for that group, no further action is taken.

–If data or software synchronization is enabled for that group, a message appears in the Aurorean Client Prescriber pullout indicating that synchronization has started. A portion of the connection is taken over as the management channel and the process continues with the next step.