Home
Administering IBM Traveler
Information on planning, installing, configuring, and administering IBM Traveler.
Administering IBM Traveler
The IBM Traveler server component functions as a Domino® server add-in task and responds to Domino server console commands. Topics in this section describe common administrative tasks for administering a IBM Traveler server.
Device security
There are a number of considerations to be aware of when securing different device types.
Windows™ Mobile device security
There are special considerations to be aware of when securing a Windows™ Mobile device.

Administering IBM Traveler
Information on planning, installing, configuring, and administering IBM Traveler.
- Planning for installation and configuration
  There are many installation and configuration considerations you should review before installing the IBM Traveler server.
- Installing the IBM Traveler server
  The following topics describe options for installing and uninstalling the server:
- Configuring IBM Traveler server
  The IBM Traveler configuration settings are part of the Domino® server document. The first time that the IBM Traveler server is started, it performs any necessary configurations. You might want to perform additional configurations beyond the basics. The following topics describe additional configuration options.
- Administering IBM Traveler
  The IBM Traveler server component functions as a Domino® server add-in task and responds to Domino server console commands. Topics in this section describe common administrative tasks for administering a IBM Traveler server.
  - Starting and stopping the server
    The IBM Traveler server and the HTTP server automatically start if you accept the default settings during installation. Use the commands in this topic to manually start or stop the IBM Traveler server.
  - Using the administration application
    The IBM Traveler administration database is contained in the LotusTraveler.nsf. This database contains the user interface that is used to view mobile user and device information, as well as set default device preference and security policies.
  - Assigning preferences and security settings to devices
    There are different ways to assign settings that determine how users work with the IBM Traveler server. You can use the built-in set of default device preferences and security settings that IBM Traveler provides, which is simpler. Or you can create a IBM Traveler policy settings document, which provides greater flexibility and control but is more complex to configure.
  - Device security
    There are a number of considerations to be aware of when securing different device types.
    - Android device security
      There are special considerations to be aware of when securing an Android device.
    - Apple device security
      There are special considerations to be aware of when securing an Apple device.
    - BlackBerry Mobile device security
      There are special considerations to be aware of when securing a BlackBerry device.
    - Nokia Symbian device security
      There are special considerations to be aware of when securing a Nokia Symbian device.
    - Windows™ Mobile device security
      There are special considerations to be aware of when securing a Windows™ Mobile device.
    - Windows™ Phone and Windows™ RT device security
      There are special considerations to be aware of when securing a Windows™ Phone or a Windows RT device.
  - Working with attachment security settings
    You can control how IBM Traveler clients manage file attachments and images.
  - Remote wipe
    If a mobile device is lost or stolen, an administrator can issue a remote wipe command to remove all sensitive data from the device. You can remove the IBM Traveler application and data from the device and, depending on the device, restore the device to the factory default settings.
  - Console commands
    This topic provides a detailed description of the IBM Traveler console commands.
  - Controlling access to IBM Traveler
    When a user leaves the company or a device is lost or stolen, you must remove or restrict access to the IBM Traveler server. This section covers methods for removing and restricting access.
  - Deleting a user from IBM Traveler
    An administrator can remove old or invalid users from the IBM Traveler administrator UI and database. This should only be done for users where access is already restricted using a IBM Traveler or Domino® server access list, or who are no longer listed in the Domino directory.
  - Creating links to start the IBM Verse mobile app
    Create links that a user can click to start the IBM Verse mobile app from a web page or email.
  - Enabling syncing of read or unread changes
    Unread replication is enabled for each user automatically by the IBM Traveler server so that unread marks sync correctly with the device. This section explains how to activate unread replication manually using the Domino® Administrator client.
  - Repeated crash protection
    When certain Notes® documents are corrupted or contain non-standard content, they can cause the IBM Traveler server to repeatedly crash as it tries to process these documents. A repeating crash prevention feature exists to help minimize IBM Traveler server outage in these instances.
  - Maintaining the IBM Traveler database
    Whether running standalone IBM Traveler servers with the internal database or a pool of servers with an enterprise database, the database requires periodic maintenance to maintain optimal performance.
  - Address conversion
    Not all devices support the full range of acceptable IBM® Domino® mail addresses as well as they support internet addresses.
  - Address encoding for Microsoft Exchange ActiveSync devices
    ActiveSync devices, such as Windows Phone and Tablet, BlackBerry 10, and Apple iOs, cannot support the full range of acceptable Domino® mail addresses. To allow the device to properly handle non-standard internet address formats, IBM Traveler has a feature that encodes them into internet addresses supported by these devices.
  - Enforcing data sync limits
    For IBM Traveler 8.5.3.100 and later releases, administrators can enforce synchronization data limits for all users using a setting in the Default Settings document.
  - Logging
    IBM Traveler has many different logs with a variety of purposes.
  - HTTP request handling and 409 responses
    IBM Traveler handles HTTP requests in specific ways that may result in 409 responses.
  - Confirming external recipients on Android devices
    For Android devices, you can choose to prompt the user to confirm the sending of mail to external recipients. This provides an extra step to help prevent the unintentional sending of mail outside of your organization.
  - Adaptive Initial Sync
    Adaptive Initial Sync (AIS) helps ensure server availability in certain server bring up or recovery situations.
  - Google Cloud Messaging for IBM Traveler for Android clients
    IBM Traveler server can use Google Cloud Messaging (GCM) for real time push notifications to keep your Mail, Calendar, Contact and To Do data on your IBM Traveler for Android clients up to date.
  - How synced data moves through the system
    When a device needs to sync data with the user's mail server, the user registers that device with the IBM Traveler server. This involves some initial setup which includes negotiating security settings as well as data options and filters to be used when syncing the data from the user's mail database to the device and vice versa.
  - How IBM Traveler processes attachments
    There are several issues to be aware of in how IBM Traveler processes attachments.

Windows™ Mobile device security

There are special considerations to be aware of when securing a Windows™ Mobile device.

Authentication

IBM Traveler relies on the Domino® infrastructure (HTTP and Admin Client) to authenticate the user. The authentication credentials can be one of the user's allowed Domino® name formats, along with the user's HTTP password, or it can be something defined with the Directory Assistance database. All devices use HTTP Basic Authentication, so HTTPS is recommended for security reasons unless using a VPN or a secured network.

Account information and passwords

Account information is stored in the operating system registry.

The account password is encrypted using AES 256-bit encryption before being stored on the device.

The IBM® Notes® ID password used for reading Domino® encrypted mail is cached for the duration specified by the device lockout timeout and is encrypted using the AES 256-bit encryption.

Data storage

Data is stored in the operating system registry and persistent storage. The devices do not support encryption of this storage.

Encryption of the storage card is supported.

Domino® encrypted mail is stored using AES 256-bit encryption on the device using a key based on the IBM Traveler password. When the user views an encrypted mail, the IBM® Notes® ID password is used to decrypt the data and store it in volatile memory solely for viewing.

Have feedback?
Google Analytics is used to store comments and ratings. To provide a comment or rating for a topic, click Accept All Cookies or Allow All in Cookie Preferences in the footer of this page.