SafeLinx Server

The SafeLinx Server provides a gateway through which mobile computing devices on a range of external networks connect securely to resources on your organization's private internal network.

The SafeLinx Administrator determines the types of devices and networks that the SafeLinx Server supports. A single multi-homed SafeLinx Server can support connections from multiple networks and device types. You can add support for HTTP access services, mobile access services, and messaging services.

Typically, organizations deploy the SafeLinx Server within a perimeter network or DMZ that is established between two firewalls, one internet-facing and one enterprise-facing. From here, the SafeLinx Server accepts incoming traffic from the internet or other untrusted networks, authenticates the originator, and routes traffic to the requested internal application server.

You can run multiple SafeLinx Servers on your network and install them on different operating systems. You can remotely administer a SafeLinx Server that is installed on any operating system from any SafeLinx Administrator. For example, you can administer a SafeLinx Server that is installed on Windows™ from a SafeLinx Administrator that is installed on Linux™.

After you install the SafeLinx Server and enable the required network support, you use the SafeLinx Administrator administrative application to define a SafeLinx Server resource and specify its properties.

The SafeLinx Server runs as two processes:
wgattachd
The process that is responsible for starting and monitoring recovery operations on the main driver process. On AIX®, the system resource controller is used to start, manage, and stop the SafeLinx Server processes.
wgated
The process that is the main driver of the SafeLinx Server. If the wgated process is stopped or ends unexpectedly, the wgattachd process restarts it.

You can configure the SafeLinx Server to control how it interacts with other components in your network. The following list provides an overview of some of features that you can use to control how the SafeLinx Server functions:

Security
There are several ways to enforce the security of your network, your applications, and their data. See Figure 1 and use Table 1 to determine options and review planning and configuration information.
Clustering
The SafeLinx Server can be configured to be a principal or subordinate node in a cluster. In this manner, the SafeLinx Server distributes and services communication requests and provides load-balancing efficiency. A cluster manager is automatically installed when you install the SafeLinx Server. Clustering is supported for VPN connections only. For more information about clusters, see Multiple cluster node support.
Directory server lookup
To take advantage of existing user account databases, the directory server provides the definition of how to contact another directory service server (DSS). For more information about directory servers, see Directory service servers.
Groups
Provides a way to pool resources and assign them collectively, rather than individually. For more information about using groups, see Groups.
Logging
The SafeLinx Server provides message, account, and trace log facilities. For more information about logging, see Viewing SafeLinx Server logs.
Network management
The SafeLinx Server can be configured to send traps to a simple network management protocol (SNMP) management station. For more information about configuring the SafeLinx Server to send network management traps, see Sending network management traps.