Communication via Relay Proxy/Transport Layer
The directed communication channels the Relay Proxy and Transport Layer management applications set up, enable communication between DSM infrastructure components across the limits of secure networks.
The following figure shows a diagram of the respective connections:
Relay Proxy
The Relay Proxy is a management application that works as a proxy for the BLS. Its task is to transmit the synchronization requests of the managed computers to the BLS.
The clients always log on to 'their own' Relay Proxy. The Relay Proxy synchronizes with one BLS that was randomly chosen from a number of available BLS. This is an advantage because only one secure network connection is required between the Relay Proxy and the BLS.
Transport Layer
The Transport Layer is also a management application. The Transport Layer's task is to enable communication between DSM infrastructure components across several stations or firewalls.
With the Transport Layer, you can define specific communication paths across several Management Points. If you are a provider, for example, you need this feature to provide a DSM infrastructure to your customers.
The system usually initiates a connection from a client to a server. In this case, this means from the Relay Proxy in the DMZ to the BLS in the secure network segment. In most cases, the firewall prevents this connection; therefore, the Transport Layer is needed to redirect the initiation of the connection.
Instead, the system sets up a secure connection from the secure segment to the insecure segment; the DSM infrastructure uses this connection for exchanging data.
Extending the Firewall Rules for the Transport Layer
The respective port in the firewall must be activated, so that the Transport Layer can set up a connection to the DMZ.
Port 5052 is the default port for the Transport Layer; you may change this port in the configuration table, if necessary.