I am planning the implementation of Mobile Device Management in an LDMS 9.0 sp3 environment. The deployment guide places the MDM server in the DMZ with SSL communication to the LDMS core. Due to compliance issues, my Infrastructure team is reluctant to place any hardware in the DMZ. They have instead suggested installing only the web services in the DMZ or implementing a reverse proxy to point to the MDM server behind the firewall. I understand that the default install is the only one supported but there must be other implementations out there with similar challenges. I would appreciate any feedback on implementing to satisfy compliance and functionality.
We do "Reverse Proxy" and it works fine. Be sure to request the SSL Cert for the MDM Server's DNS name (DNS name must match the Cert's Common Name). Additionally, MDM's DNS Name resolves to the firewall's public IP address (but I think this is standard when doing Reverse Proxy).
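
A check for the certificate-name advice in the reply above, as an added example that is not part of the original thread: it takes a certificate in the dict form returned by Python's `ssl.SSLSocket.getpeercert()` and reports whether it covers the MDM server's public DNS name. It goes slightly beyond the reply by also checking Subject Alternative Names; the hostnames and sample certificates are constructed assumptions.

```python
# Added example: does the certificate presented at the reverse proxy cover
# the MDM server's public DNS name? All names below are constructed.

def _name_match(pattern: str, host: str) -> bool:
    """Compare one certificate name with a host; '*' may only be the whole leftmost label."""
    p, h = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if "*" not in p:
        return p == h
    p_labels, h_labels = p.split("."), h.split(".")
    if p_labels[0] != "*" or "*" in ".".join(p_labels[1:]):
        return False
    # A wildcard covers exactly one label and never a bare two-label domain.
    return len(p_labels) == len(h_labels) >= 3 and p_labels[1:] == h_labels[1:]


def cert_names(cert: dict):
    """Return (SAN DNS names, Common Names) from a getpeercert()-style dict."""
    sans = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    cns = [v for rdn in cert.get("subject", ()) for k, v in rdn if k == "commonName"]
    return sans, cns


def check_mdm_cert(cert: dict, mdm_dns_name: str) -> str:
    """Return 'ok', 'cn-only' (CN matches but no SAN does) or 'mismatch'."""
    sans, cns = cert_names(cert)
    if any(_name_match(n, mdm_dns_name) for n in sans):
        return "ok"
    if any(_name_match(n, mdm_dns_name) for n in cns):
        # Current browsers validate against SAN entries only and ignore the CN.
        return "cn-only"
    return "mismatch"


# Constructed sample certificates (hypothetical hostnames).
GOOD = {"subject": ((("commonName", "mdm.example.com"),),),
        "subjectAltName": (("DNS", "mdm.example.com"),)}
CN_ONLY = {"subject": ((("commonName", "mdm.example.com"),),)}
# Certificate issued for the internal host name behind the firewall.
INTERNAL = {"subject": ((("commonName", "mdmsrv01.corp.local"),),),
            "subjectAltName": (("DNS", "mdmsrv01.corp.local"),)}

if __name__ == "__main__":
    for label, cert in (("good", GOOD), ("cn-only", CN_ONLY), ("internal", INTERNAL)):
        print(label, "->", check_mdm_cert(cert, "mdm.example.com"))
```

The `INTERNAL` case is the one to watch for with a reverse proxy: devices connect to the public name, so a certificate issued for the internal server name fails validation.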