5 Replies Latest reply on Jan 21, 2009 10:18 AM by Jared Barneck

    Pre-sales question about the LDMG appliance

    esmoore Rookie

      I have looked at the BKM and product brochure for the LDMG appliace, but I need to verify I understand the functionality of the device.

       

      We have clients and a Core Server that reside on subnets that are separated by a firewall.  We would prefer to avoid WAN bandwidth issues in updating the clients by arranging for the clients to get their updates over the Internet.  As I understand it, in order for a package to be distributed over the Internet, the client must be configured for policy-driven distributions AND the package must reside on an HTTP share that is accessible over the Internet; the appliance plays no role in actually sending the package to the client.

       

      Eric Moore

      High Plains Library District

        • 1. Re: Pre-sales question about the LDMG appliance
          Employee

          That is exactly true.  The appliance just brokers the connection.

          • 2. Re: Pre-sales question about the LDMG appliance
            Jared Barneck SupportEmployee

            AND the package must reside on an HTTP share that is accessible over the Internet; the appliance plays no role in actually sending the package to the client

            Let me clarify this statement a bit more:

            1. The package can be on an share accessible local to the agent or over the internet.  If you have a remote site with a bunch of computers it can be a share at the remote site or a web share at that remote site and peer download will work between devices on that remote site.

            2. The package can be hosted inside your corporate network only if it is on the a Web Share on the Core Server.  It cannot reside anywhere else internally but the Core Server.

            • 3. Re: Pre-sales question about the LDMG appliance
              zman Master

              2. You can play some tricks with this one - may or may not be supported by LANDesk. Create a Virtual UNC on the core server pointing to your package share.

              • 4. Re: Pre-sales question about the LDMG appliance
                esmoore Rookie

                I appreciate all responses I received in response to my question.  Bear with me as I rephrase what I have read, just to be sure I understand the requirements of the LDMG appliance.  If the client is on a different network such that it cannot access shares on the Core Server, then an externally accessible web share is the only way to make the software packages accessible to the client.  (I suppose an MDR could have tow NICs, so it can access the Core Server share, but this would defeat the purpose of using the LDMG.)

                 

                Since I am not an expert on IIS, I would then wonder if permissions may be set on a web share such that only computers from certain IP ranges may acces it.  Does anyone know if this is an option?

                 

                Eric Moore

                High Plains Library District

                • 5. Re: Pre-sales question about the LDMG appliance
                  Jared Barneck SupportEmployee

                  Yes, IIS can be configured to only allow traffic from certain subnets.

                   

                  Right click on the default web site and go to the Directory Security tab and click on Edit under IP address and Domain name restrictions.

                   

                  Now you have to be careful and look at the IIS log.  I am not sure if the IP Address of the remote client is used or if it is the IP Address of the Gateway, or even a local host request from the Core Server.   A quick connection from a remote device and a look at the IIS log will tell you what IP Address is being used.  I dont' have the gateway turned on (vmware shutdown) or I woudl test.