IBM 3.8 3.1 Scenario overview, 3.2 Environment description

94 IBM Tivoli Remote Control Across Firewalls

3.1 Scenario overview

In this section, we provide an overview of our Remote Control in S tandalone

mode testing scenario. A typical Remote Control in Standalone mode is defined

when the Tivoli Management Gateway (Gateway) and its Endpoints are

separated from the Remote Control Controller by a firewall.

The goal of this scenario is to provide detailed information to the System

Administrators of the requirements and considerations that will help them work

with session management across a firewall.

Since firewalls restrict the communication channel, we will show how Remote

Control can work through the firewall, respecting its restrictions, and how the

Remote Control Proxies are used for this purpose.

We have included tables of information on ports that need t o be configured in the

firewall in order to establish Remote Control sessions, as well as pictures related

to the scenario we are describing, outlining the f low of data, and a detailed

description of the steps required to make such an environment work properly.

Wherever possible, we point out the differences between UNIX and non-UNIX

platforms, trying to cover as many situations as possible.

In this testing scenario, we assume the IBM Tivoli Management Framework has

been properly installed and that the communication between Endpoints and

Gateways, TMR server, and managed nodes work as well. You can refer to the

, SG24-5510 for information on

this area. This is the basic requirement before configuring and installing IBM

Tivoli Remote Control across firewalls. We also assume that the IBM Tivoli

Remote Control 3.8 server component is already installed on the T MR server as

well as on all Tivoli Gateways hosting the Endpoints, Controllers, and Targets.

For additional information, refer to the

IBM Tivoli Remote Control User’s Guide

SC23-4842.

3.2 Environment description

In our testing scenario, the goal was to reproduce the most common environment

using all the required components in order to provide valuable inputs a nd

illustrate our conclusions. We used different machine types and operating

systems. Even though the goal here is not to test firewall products, we used

different firewall products with this configuration, keeping in mind the services,

protocol, and ports used by the Remote Control Proxies.