Google Anywhere+ Deployment Guide V1.0.1 User Manual

Page 4

Advertising
background image

ANYWHERE+ DEPLOYMENT GUIDE V1.0.1

ANYWHERE+ DEPLOYMENT GUIDE V1.0.1

PAGE 4

Things you will need to know and do before you begin


Before you begin the installation of Anywhere+ you will need the following information to
create the Anywhere+ configuration file:

• Public VPN ingress IP addresses – these are IP addresses your VPN clients

connect to when the user is on the public internet side of the corporate network
(Note: There may be one or more IP addresses.).

• Internal Proxy IP addresses – these are the IP addresses of internal Proxy

servers (e.g. Microsoft ISA, Bluecoat, Secure Workgroup Connector etc.).

• Domain Names (Enterprise mode only) – If your domain is WinNT://UK you will

just need “UK”. You will need all of the domains which your users could
connect through.

• Internal Subnets of your corporate networks.


You will also need to make sure your desktop security agents such as personal firewalls
are Anywhere+ aware.

You may need to do some or all of the following depending on your vendor.

1. Allow the anywhere.exe file access to the internet
2. Allow the source proxy IP address (set in the configuration file of Anywhere+)

access to the internet.

3. Allow the source proxy IP address to communicate over ports 5001 and 5002

(TCP).


The other decision you will need to make is whether you are going to use Anywhere+ in
Enterprise or User mode. Below is a summary of each mode:

Enterprise Mode

In Enterprise Mode, you can use a single authentication key at the company or group
level. The Anywhere+ client will then get the domain username and the active directory
groups from the PC directly and cache this information. This information will be included
with the Web requests just as if the user was inside the corporate environment.

The Anywhere+ client will regularly check to see if the user information has changed,
both the logged in user and the associated groups. If the information has changed, the
config file will be automatically updated and then all subsequent requests to the
scanning infrastructure will use the new user/group details.

Pros of Enterprise Mode

• Simple to distribute to thousands of endpoints.


Cons of Enterprise Mode

• Access to service becomes policy-based vs. key-based.


User Mode

In User mode, companies can distribute individual user authentication keys.

These keys are generated in ScanCenter, either manually, or via a CSV user import.
Each user will be sent an email with their unique authentication key in it.

Advertising
See also other documents in the category Google Software: