Where to place your IBM® Lotus Notes® Traveler server in your network depends on the types of devices used and sync types. This section includes a list of possible scenarios and why one might be selected over another.
Windows Mobile, Nokia, and Android devices
The Lotus Notes Traveler client running on Microsoft® Windows® Mobile and Nokia devices uses a single communication channel for data syncing and push messages along with an optional SMS channel. The data sync channel uses HTTP or HTTPS to communicate with the server. This channel is always initiated from the mobile device. The channel should be secured either through a Virtual Private Network (VPN) or by using HTTPS so that all data sent is encrypted. The optional SMS channel is used to notify the mobile device of pending server changes. This short message is delivered to the device SMS mailbox and read by the Lotus Notes Traveler client. The Lotus® Traveler client then carries out the command or begins a data sync.
Apple devices use either HTTP or HTTPS communication channels to sync with the Lotus Notes Traveler server. These devices do not support the SMS push channel.
Connection types and ports
The following table provides a summary of the connection types used by the mobile devices and the ports they use by default. Only one data sync channel is used but the mobile devices can support either HTTP or HTTPS.
Table 1. Connection types and default port numbers
|Used for||Connection type||Default port||Notes|
|Data syncing||HTTPS||443||This connection type is best for data syncing. The port uses a secure channel for data transfer between the device and the server. |
|Data syncing||HTTP||80||The port uses an unsecured channel for data transfer between the device and the server.|
|Automatic syncing||TCP||8642||Port 8642 is only needed if you are using a Windows Mobile or Nokia client earlier than 8.5.2. Otherwise, the port is unused and can be ignored or disabled. |
These topics describe different network topologies and give more specific information about why each might be used:
Using a virtual private network
The diagram in this topic shows a network topology that uses a Virtual Private Network (VPN) server as the secure access point to the company intranet from mobile devices.
Using a reverse proxy
The diagram in this topic shows a network topology where a reverse proxy resides in your DMZ and provides authentication services for the mobile device clients.
Use either the virtual private network or the reverse proxy solution to ensure the best overall security. However, it is also possible to use SSL from the mobile device to connect directly to the IBM Lotus Notes Traveler server inside the DMZ.
Parent topic: Choosing a deployment configuration