Client synchronization – Enterasys Networks Network Card User Manual

124

RiverMaster Administrator’s Guide

Before You Begin

Chapter 6

Managing Users & Groups

Client Synchronization

The Aurorean Client installation kit provides your remote users with all the
information they need to tunnel into your network for the first time,
including ISPs, POP phone numbers, policies, and the IP address of the
destination ANG. However, this information may become obsolete if you
select additional ISPs, add POP phone numbers, install Aurorean Software
Update Service updates, or change the ANG IP address. Using a process
known as client synchronization, your Aurorean users can receive updated
information with a minimum of effort on your part.

Administrator-controlled client synchronization is a two-part process which
works by accessing data files (Data Synchronization) and software files
(Software Synchronization) stored on the Aurorean Policy Server. Data files are
built when POP package kits or group kits are compiled while the software
files consist of pre-standing Aurorean Client application and subsystem
executable files. When policies are reconfigured, fresh El Gamal keys created,
and new group notices issued, these changes are incorporated in the data files
and automatically transferred to your Aurorean users through data
synchronization (policies are updated every time a user connects). But, other
new settings including new ISPs and POP packages are not transferred during
data synchronization unless they have been incorporated in POP package kit
and group kit compilations. For those changes to take effect, you must build
new POP package and group installation kits for your Aurorean users.

Client synchronization is enabled or disabled on a per group basis. During
client synchronization, a portion of the tunnel is taken over as a management
channel between the Aurorean Client computer and the APS. The
management channel operates in the “background” of your connection
without any visible effect on connection performance.

The following process occurs each time a Aurorean user establishes a tunnel
connection when both Data and Software Synchronization are enabled:

1

The APS determines if client synchronization is enabled for a user’s
group.

–

If data or software synchronization is disabled for that group, no

further action is taken.

–

If data or software synchronization is enabled for that group, a

message appears in the Aurorean Client Prescriber pullout

indicating that synchronization has started. A portion of the

connection is taken over as the management channel and the

process continues with the next step.