Using Host On-Demand with a firewall

If you are configuring Host On-Demand to go through a firewall, we recommend that the firewall administrator open only those ports required for the clients to function. Telnet ports allow TLS-encrypted session traffic.

top Session security through a firewall or proxy server — Figure 1. Session security through a firewall or proxy server

If you are using the configuration server-based or combined models, the Host On-Demand configuration servlet allows Host On-Demand clients to communicate with the configuration server across either HTTP or HTTPS.

top Configuration security with and without the configuration servlet through a firewall or proxy server — Figure 2. Configuration security with and without the configuration servlet through a firewall or proxy server

For Host On-Demand clients connecting to a host system through open ports in the firewall, see Configuring firewall ports for details. For Host On-Demand clients connecting to a host system through a Socks or HTTP proxy server, see Connecting to a host system through a proxy server for details.