120 IBM Tivoli Remote C ontrol Across Firewalls

Figure 4-2 Remote Control Proxy Implementation in a TFST environment

Based on Figure 4-2, we configured our testing scenario as follows:򐂰An RC Target Proxy needs to be installed on the same machine as the Endpoint Proxy. Because this Endpoint Proxy is a Parent in the TFST structure, this RC Target Proxy automatically becomes a Parent. 򐂰Per security guidelines, the communication is defined as unidirectional. Therefore, only the RC Target Proxy on the secure zone can be the connection initiator.
Endpoint
Windows TS server
Endpoint Gateway
AIX 5.1 - tic01010
Hub TMR server
AIX 5.1 - tic01002
Firewall 1
De-Militarized
Zone (DMZ)
Spoke TMR server
AIX 5.1 - tic01010
TMR Spoke
TMR Hub
Endpoint Proxy
Windows - tic01003
Gateway Proxy
Windows - tic01005
Endpoint
Windows - tic01006
Firewall 2
Controller Proxy
- child -
Remote Control
Controller
Target Proxy
parent - unidirectional
Target Endpoint
Endpoint
Windows - tic01007
Target Endpoint
Endpoint
Windows - tic01007
Remote Control
Connections
Framework
Connections
Relay inst2 - tic01004
Relay inst1 - tic01004