Top Banner
IBM Redbooks: IBM Notes Traveler Hints and Tips for a Successful Deployment Note: This PDF document is the original text from the IBM Notes Traveler Hints and Tips for a Successful Deployment guide hosted in the online wiki. Always refer to the online wiki version for the latest updates.
492

IBM Redbooks Notes Traveler Deployment

Nov 22, 2015

Download

Documents

PalMan SatShops

Wiki PDF Version
Welcome message from author
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
  • IBM Redbooks: IBM Notes Traveler Hints and Tips for a Successful Deployment

    Note: This PDF document is the original text from the IBM Notes Traveler Hints and Tips for a Successful Deployment guide hosted in the online wiki. Always refer to the online wiki version for the latest updates.

  • Contents

    Chapter 1. IBM Lotus Notes Traveler overview . . . . . . . . . . . . . . . . . . . . . 131.1 Lotus Notes Traveler architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141.2 Introducing Lotus Notes Traveler 8.5.3 Upgrade Pack 1 . . . . . . . . . . . . . 15

    1.2.1 Web administration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161.2.2 Administration features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 171.2.3 Client manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181.2.4 Traveler high availability . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181.2.5 Android enhancements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 191.2.6 Miscellaneous new features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19

    Chapter 2. Planning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 212.1 Supported hardware and software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 22

    2.1.1 Domino Server support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222.1.2 Mail database support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222.1.3 Domino directory template support (names.nsf) . . . . . . . . . . . . . . . . 232.1.4 Server hardware requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 242.1.5 Enterprise database requirements . . . . . . . . . . . . . . . . . . . . . . . . . . 252.1.6 Server operating systems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252.1.7 Web browsers for administration. . . . . . . . . . . . . . . . . . . . . . . . . . . . 272.1.8 IP sprayer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272.1.9 Device hardware requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 282.1.10 Devices and operating systems . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

    2.2 Choosing a stand-alone or high availability configuration for Lotus Notes Traveler . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

    2.2.1 Number of devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312.2.2 System availability consideration . . . . . . . . . . . . . . . . . . . . . . . . . . . 322.2.3 Other considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 322.2.4 What does IBM do internally? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

    2.3 Planning your server and network topology . . . . . . . . . . . . . . . . . . . . . . . 332.3.1 Choosing a Lotus Domino server . . . . . . . . . . . . . . . . . . . . . . . . . . . 332.3.2 High availability or stand-alone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 332.3.3 Connectivity. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

    2.4 Capacity planning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 432.5 Catering for user with multiple devices . . . . . . . . . . . . . . . . . . . . . . . . . . . 43

    2.5.1 What does IBM do internally? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 442.6 Domino domain configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 44

    2.6.1 What does IBM do internally? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462.6.2 Further reading on supporting multiple Lotus Domino . . . . . . . . . . . 46 Copyright IBM Corp. 2013. All rights reserved. 1

  • 2.7 Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462.7.1 Device security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 462.7.2 Server security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 522.7.3 Encrypting Lotus Notes Traveler network traffic . . . . . . . . . . . . . . . . 532.7.4 Internet password lockout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53

    2.8 Language support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 552.9 Anti-virus recommendations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 572.10 Upgrading versions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57

    2.10.1 Upgrading Lotus Domino version . . . . . . . . . . . . . . . . . . . . . . . . . . 582.10.2 Upgrading Lotus Traveler upgrading. . . . . . . . . . . . . . . . . . . . . . . . 59

    2.11 Integrating Lotus Notes Traveler into a high availability pool . . . . . . . . . 602.12 Enterprise database server clustering. . . . . . . . . . . . . . . . . . . . . . . . . . . 612.13 Load balancer considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 622.14 Mobile device management integration. . . . . . . . . . . . . . . . . . . . . . . . . . 63

    2.14.1 What is mobile device management? . . . . . . . . . . . . . . . . . . . . . . . 632.14.2 Why use a mobile device management solution in conjunction with

    Lotus Notes Traveler? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 632.14.3 Further reading on mobile device management . . . . . . . . . . . . . . . 64

    Chapter 3. Deploying a stand-alone Lotus Notes Traveler environment . 653.1 Scenario description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

    3.1.1 Planning considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 673.2 Lotus Notes Traveler installation on Linux . . . . . . . . . . . . . . . . . . . . . . . . 67

    3.2.1 Installing Lotus Notes Traveler . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 673.2.2 Domino startup and installation validation. . . . . . . . . . . . . . . . . . . . . 78

    3.3 Lotus Notes Traveler installation on Windows . . . . . . . . . . . . . . . . . . . . . 793.3.1 Installing Lotus Notes Traveler . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 793.3.2 Domino startup and installation validation. . . . . . . . . . . . . . . . . . . . . 88

    3.4 Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 893.4.1 Lotus Domino configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 893.4.2 Lotus Notes Traveler configuration . . . . . . . . . . . . . . . . . . . . . . . . . . 913.4.3 Additional configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97

    Chapter 4. Deploying a high availability Lotus Notes Traveler environment131

    4.1 Scenario description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1324.1.1 Planning considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132

    4.2 Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1334.2.1 Lotus Notes Traveler installation. . . . . . . . . . . . . . . . . . . . . . . . . . . 1344.2.2 Database installation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1384.2.3 Load balancer installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147

    4.3 Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1474.3.1 Lotus Domino configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1472 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • 4.3.2 Database configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1564.3.3 Lotus Notes Traveler configuration for high availability. . . . . . . . . . 1634.3.4 Configuring the selected load balancer. . . . . . . . . . . . . . . . . . . . . . 168

    Chapter 5. User deployment. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1715.1 User provisioning. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172

    5.1.1 Access to the Lotus Notes Traveler server . . . . . . . . . . . . . . . . . . . 1725.1.2 Access control list configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . 1745.1.3 User authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175

    5.2 Installation and configuration on an Apple device . . . . . . . . . . . . . . . . . . 1775.2.1 Preparation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1775.2.2 Installing Lotus Notes Traveler profile on an Apple mobile device . 1785.2.3 Customize Sync data and schedule . . . . . . . . . . . . . . . . . . . . . . . . 1865.2.4 Managing mail on Apple devices . . . . . . . . . . . . . . . . . . . . . . . . . . 188

    5.3 Installation on an Android device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1995.3.1 Preparation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199

    5.4 Installation on a Windows mobile device. . . . . . . . . . . . . . . . . . . . . . . . . 2235.4.1 Preparation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2235.4.2 Installing the Lotus Notes Traveler application on a Windows mobile

    device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2235.4.3 Customize data sychronization and schedule. . . . . . . . . . . . . . . . . 2395.4.4 Managing mail on Windows devices . . . . . . . . . . . . . . . . . . . . . . . . 240

    5.5 Installation on a Sybian or Nokia device . . . . . . . . . . . . . . . . . . . . . . . . . 2505.5.1 Preparation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2505.5.2 Beginning installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2515.5.3 Customize Sync data and schedule . . . . . . . . . . . . . . . . . . . . . . . . 255

    5.6 Unconventional deployment options . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2565.6.1 Apple device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2565.6.2 Android device . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257

    Chapter 6. Migration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2596.1 Moving to a 64-bit architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260

    6.1.1 How to move . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2606.1.2 Tuning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263

    6.2 Upgrading to 8.5.3 Upgrade Pack 1 from a previous version of Lotus Notes Traveler . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263

    6.2.1 Announcing the upgrade schedule . . . . . . . . . . . . . . . . . . . . . . . . . 2646.2.2 Stopping Lotus Domino server . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2646.2.3 Backing up files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2646.2.4 Updating Lotus Domino. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2646.2.5 Upgrading Lotus Notes Traveler . . . . . . . . . . . . . . . . . . . . . . . . . . . 2656.2.6 Starting Lotus Domino and Lotus Notes Traveler . . . . . . . . . . . . . . 2726.2.7 Validating the upgrade . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273 Contents 3

  • 6.2.8 Additional configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2856.3 Moving from Lotus Notes Traveler 8.5.3 Upgrade Pack 1 stand-alone to a

    high availability environment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2856.3.1 Integrating an existing Lotus Notes Traveler 8.5.3 Upgrade Pack 1

    stand-alone servers into a Lotus Notes Traveler High Availability pool 285

    6.3.2 Integration strategies. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2856.3.3 Setting up a new HA pool and integrating an existing servers into the

    pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2866.4 Moving from a single pool to a multi-pool high availability environment . 288

    6.4.1 Moving from a single pool to a multi-pool high availability environment288

    6.4.2 Further reading on creating Lotus Notes Traveler high availability pools290

    Chapter 7. Enterprise integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2917.1 LDAP integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292

    7.1.1 Configuring Directory Assistance to enable LDAP authentication . 2947.1.2 Further reading on LDAP integration . . . . . . . . . . . . . . . . . . . . . . . 297

    7.2 Configuring single sign-on. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297

    Chapter 8. Administration and management . . . . . . . . . . . . . . . . . . . . . . 2998.1 Server console commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300

    8.1.1 Tell command reference . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3008.1.2 High availability commands. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305

    8.2 Web-based administration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3068.2.1 Device security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3078.2.2 Device settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3098.2.3 Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3218.2.4 Users. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3238.2.5 Servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3248.2.6 Client Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 325

    8.3 Policy-based management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3278.4 Server document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 330

    8.4.1 Traveler tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3318.4.2 Basic tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3348.4.3 Security tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3358.4.4 Port tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3368.4.5 Internet protocols tab . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337

    8.5 Customizing the Lotus Notes Traveler home page . . . . . . . . . . . . . . . . . 3398.5.1 Notes.ini servlet display parameters . . . . . . . . . . . . . . . . . . . . . . . . 339

    8.6 Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3408.6.1 Log setting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3414 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • 8.6.2 Log considerations in a stand-alone environment. . . . . . . . . . . . . . 3498.6.3 Log considerations in a high availability environment . . . . . . . . . . . 350

    8.7 The travelerutil command . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3518.7.1 travelerutil db set. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3528.7.2 travelerutil ssl set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353

    8.8 Monitoring Lotus Notes Traveler . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3548.8.1 Monitoring device and server synchronization . . . . . . . . . . . . . . . . 3548.8.2 Monitoring server resource usage. . . . . . . . . . . . . . . . . . . . . . . . . . 3578.8.3 Logging Lotus Notes Traveler status information to log files on an

    administrator defined interval . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3608.8.4 Monitoring Traveler with Watchit . . . . . . . . . . . . . . . . . . . . . . . . . . . 362

    8.9 Backup and recovery. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3708.9.1 All deployments of Lotus Notes Traveler . . . . . . . . . . . . . . . . . . . . 3708.9.2 Stand-alone deployments of Lotus Notes Traveler . . . . . . . . . . . . . 3708.9.3 High Availability deployments of Lotus Notes Traveler . . . . . . . . . . 371

    8.10 Recommended maintenance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3718.10.1 All environments . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3718.10.2 Stand-alone environment only . . . . . . . . . . . . . . . . . . . . . . . . . . . 3728.10.3 High availability environment only. . . . . . . . . . . . . . . . . . . . . . . . . 373

    Chapter 9. Tuning and troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . 3759.1 Performance tuning . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 376

    9.1.1 Lotus Notes Traveler high availability considerations . . . . . . . . . . . 3769.1.2 Latest software version . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3769.1.3 Data filter settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3769.1.4 Log level options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3779.1.5 Enterprise database . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3779.1.6 Network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3789.1.7 User authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3789.1.8 Transactional logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379

    9.2 Problem determination guides. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3799.3 Troubleshooting techniques . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380

    9.3.1 Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3809.3.2 Common user problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388

    Chapter 10. Appendix A . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393 Contents 5

  • 6 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • Preface

    Meet the authorsThis wiki was produced by a team of technical specialists from around the world.

    Sreehari (Sree) Haridevara is a Field Support Engineer based in Poughkeepsie, New York. He joined the Accelerated Value team in April of 2008, and brings over 19 years of industry experience. In this role, Sree has delivered numerous successful engagements on various Lotus products including Domino servers, Notes clients, Sametime, Websphere Portal, Quickr, and NotesTraveler. He is well versed with multiple

    Operating systems including Windows, AIX, Linux, zSeries (Linux and z/OS). Currently, Sree delivers FSS offerings including Domino performance and capacity planning workshop, NSD workshop, UNIX administration for Domino administrators, and customized training for various IBM collaboration solutions products. Previously, Sree worked as a Domino Architect for 12 years responsible for IBM internal Domino deployment and infrastructure for Mail and Application domains for over 100,000 users.

    Martin Hill is an IBM accredited Senior IT specialist working in the IBM UK Mobile Enterprise Services (MES) team. He joined IBM in 1994 and spent over 12 years working with Lotus Notes/Domino and associated products as an Email Messaging and Collaboration specialist, before moving into his current MES role. He now works with IBM's clients helping them to implement a wide range of mobility related products &

    services, of which Lotus Notes Traveler is one. He was also one of the technical leads for the IBM internal deployment of Lotus Notes Traveler in EMEA, which now serves 17,000+ IBMers in over forty different countries.

    Abhishek Jain is working with IBM India Software Labs since 2004 and has been in the industry for 10 years. He is currently working as an IT Specialist with IBM Collaboration Services and is skilled on various Lotus products. He is a Certified Lotus Professional, Certified Lotus Administrator, and a Certified Lotus Instructor on both Lotus Domino Administration and Development. Abhishek has been a part of earlier RedWikis

    Customizing Quickr 8.1 and Best Practices for Building Web Applications for Copyright IBM Corp. 2013. All rights reserved. 7

  • Domino 8.5.1. He has also published developerWorks articles Integrating IBM Lotus Forms with IBM Lotus Domino and Auto-zipping Lotus Notes Attachments.

    John J Johnson is a Field Support Engineer, specializing in Lotus Notes Traveler and IBM Sametime, along with Domino. He has been involved extensively with Lotus Notes Traveler for the last two years, traveling to customers all across North America to assist them with their Traveler deployments. John started with IBM in 1999, working as a developer on internal IBM Lotus Domino Applications. He joined the Field Support

    Services (FSS) team in January of 2006. Maiko Miwa is working for IBM Japan Systems Engineering Co., Ltd. which provides advanced technical support as well as technology transfer to IBM organizations and clients in Asia Pacific region. Being with Collaboration and Mobile team for 4 years, she has served as technical and consulting roles in some Lotus products (especially in WebSphere Portal, IBM Connections and Lotus Notes Traveler) and general mobile

    solutions. As an expert in Lotus Notes Traveler, she has involved in areas such as installation and configuration of Lotus Notes Traveler and writing technical articles about it. She also has advised many customers about designing and administering Lotus Notes Traveler.

    Matt S Munse is the technical lead for Lotus Notes Traveler level 2 support. He has been supporting the Lotus Notes Traveler product since version 8.5.2.1 of the product was released. Prior to this, he spent 8 years supporting WebSphere portal. He has been involved in both the support of IBM technologies as well as development of the products that he has supported. Matt has written a number of IBM published

    documents including developerWorks articles for WebSphere Portal and pages for the Official Info Center documentation for Lotus Notes Traveler.

    Jenny Tsai is a Software Engineer working in the IBM Taiwan Mobility Team. Her area of expertises include Lotus Domino, Lotus Notes Traveler architecture and other mobile solutions across various platforms. She has worked with Lotus Notes Traveler product since version 8.5.2.2 and specialising in reliability and performance analysis. Jenny holds a master degree in Computer Science from the University of Oxford.8 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • Peter Volkmar is a level 2 support engineer for Lotus Notes Traveler and IBM Mobile Connect. He started his career as an IBM customer before being seduced by the dark side 28 years ago. He has been involved with IBM Mobile Connect as a developer, a services provider, and a support engineer. When a scientific experiment from the IBM lab in Heidelberg, ARTour, was first shown in Research Triangle Park, he was involved in

    setting up its demonstration in 1994; it took root in its new home and grew to become IBM Mobile Connect.

    Whei-Jen Chen is a Project Leader at the International Technical Support Organization, San Jose Center. She has extensive experience in application development, database design and modeling, and DB2 system administration. Whei-Jen is an IBM Certified Solutions Expert in Data Management, and an IBM Certified IT Specialist

    AcknowledgementsThe authors express their deep gratitude for the content contributed from the following members: Jim Dewan is an Advanced Value Leader in IBM for the last seven years. Jim

    has developed a series of tools to assist customers in better managing their deployments. He has in-depth experiences in Domino Administration development, Sametime and Domino Integration, and Domino Linux development. Jim shares his work in the Lotus Greenhouse "Watchit Community" to provide customers a place to access code, collaborate with the larger Watchit community, and review documentation.

    Vladislav Tatarincev is the Technical Director and co-owner of CYONE. www.cyone.eu. He has a Master of Computer Science from Latvian University. He has been working with Domino from release 4.5, for more than 10 years. He is also an IBM Certified Security Professional. Vladislav is the author of many freeware tools for Domino. His key areas of focus for Lotus Domino are: Performance, Traveler, Security. His hobbies include: diving, shark diving, wreck diving, underwater archeology, and motorbikes.

    We wish to acknowledge a special thank you to the following sponsors and key stakeholders from the Lotus Development, Product Management, and Lotus IDC Teams: Amanada Bauman - Everyone Writes and IDC Wikis Program Manager Bill Wimer - Lotus Notes Traveler Chief Programmer Preface 9

  • Additionally, we wish to thank the following members for their technical help and contributions to this wiki: J Smith Doss Curtis Ebbs Bob Sielken Raji Akella Danny Levenson Corey quinn Yuhsuke Murakami Zin Nyein Oo Mieko Kudoh Masaki Nakabayashi David Kline

    Become an authorJoin us for a two- to six-week residency program! Share your knowledge with peers in the industry and learn from others. Help create content about specific products or solutions, while getting hands-on experience with leading-edge technologies. You will have the opportunity to team with IBM technical professionals, Business Partners, and Clients. Your efforts will help increase product acceptance and customer satisfaction. As a bonus, you will develop a network of contacts in IBM development labs, and increase your productivity and marketability.

    Find out more about the residency program, browse the residency index, and apply online at:

    http://www.ibm.com/redbooks/residencies.html

    Comments welcomeYour comments are important to us!

    We want the content in this wiki and all our wikis to be as helpful as possible. Provide us your comments in one of the following ways: Use the commenting feature with in the wiki. Login and add comments,

    located at the bottom of each page. Provide feedback in the Web form located at:

    http://www-12.lotus.com/ldd/doc/cct/nextgen.nsf/feedback?OpenForm10 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • Stay connected to IBM Redbooks Find us on Facebook:

    http://www.facebook.com/IBMRedbooks

    Follow us on Twitter: http://twitter.com/ibmredbooks

    Look for us on LinkedIn: http://www.linkedin.com/groups?home=&gid=2130806

    Explore new Redbooks publications, residencies, and workshops with the IBM Redbooks weekly newsletter:https://www.redbooks.ibm.com/Redbooks.nsf/subscribe?OpenForm

    Stay current on recent Redbooks publications with RSS Feeds:http://www.redbooks.ibm.com/rss.html Preface 11

  • 12 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • Chapter 1. IBM Lotus Notes Traveler overview

    IBM Lotus Notes Traveler software is a push email product that provides a full featured e-mail access for Lotus Notes users using supported mobile devices which includes both smart phones and tablets.

    Lotus Notes Traveler wirelessly synchronizes email, calendar, contacts, journal and to-do data with an IBM Lotus Domino server without compromise the security aspects of an organization.

    The eligible Lotus Domino customers can download the software free of charge using their respective PartnerWorld and Passport Advantage accounts or through IBM Sales representative.

    Lotus Notes Traveler software provides following features: Provides a full, cross-platform release that includes capabilities for these supported

    mobile device platforms: Apple iOS, Google Android, Nokia Symbian, and Microsoft Windows Mobile.

    Supports Lotus Notes mobile users, both through on-premises IBM Lotus Domino or Lotus Domino Express deployments, and in the IBM cloud with IBM SmartCloud Notes.

    Reads and composes Lotus Domino encrypted email. Searches your corporate directory to find individuals and groups by name that you want to

    email. Single point of control to monitor the Lotus Notes Traveler user community. Scheduled synchronization and data filtering policies, including the ability to wipe only the

    Lotus Notes Traveler data. Supports for remote wipe for lost or stolen devices. Enforceable Security policies to remotely secure mobile devices. Automated client updates. Data in transit is synchronized over secure HTTPS and SSL connection.

    1 Copyright IBM Corp. 2013. All rights reserved. 13

  • Supports both Linux and Microsoft Windows servers. Works over all wired and wireless connections (GPRS, GSM, WiFi, USB, and ActiveSync)Starting with the version 8.5.3 Upgrade Pack 1, the Lotus Traveler server can also be optionally configured as a server pool to work in high availability mode.

    1.1 Lotus Notes Traveler architectureLotus Notes Traveler is installed on a Lotus Domino server and runs as a separate add-in task. Having a dedicated Lotus Notes Traveler infrastructure is preferable, so nothing else should be deployed on the Lotus Notes Traveler servers to ensure adequate system resources are available.

    Each mobile device has a either Lotus Notes Traveler client (Google Android, Symbian Nokia and Windows Mobile) or profile (Apple iOS) installed which communicates with the Lotus Notes Traveler server over http or https. All mobile devices have to download the Lotus Traveler client, except for Apple devices which download a configuration a profile to the device and use the native iOS email client.

    The following components are involved when a user accesses the Lotus Notes Traveler server;

    User mail file Mobile device Domino directory

    The following figure shows the main components of a simple Lotus Notes Traveler configuration and how they interact:

    Figure 1-1 The main component of Lotus Notes Traveler14 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • New mail messages arriving in your Inbox on the Domino server arrive on the device without you needing to do anything (that is, are automatically pushed) and can trigger a notification event, such as a tone or a device vibration. Updates made on the device such as sending a new mail message or changing a calendar entry are synchronized with the server as soon as a network connection is available, and are reflected in the user's mail file and Notes client.

    The Lotus Notes Traveler client provides a simple, easy-to-use interface with a minimal number of configuration settings. You can customize how much data is synchronized with the device to optimize the use of device memory and server resources.

    The Lotus Traveler server checks the Domino Directory for the user home server and mail file information and subsequently connects to it. The Lotus Traveler server does not store any data, only the user's designated mail server has the user mail file. The figure below shows how the three components work together:

    In a stand-alone implementation (that is non high availability) of Lotus NotesTraveler server, there is a local Derby database where information about the user's subscribed folders, devices, and sync status is stored. This derby database also stores any security information about the devices on the system if the administrator of the server has implemented specific settings in regards to devices security. In a high availability implementation of the Lotus Notes Traveler server, this information is kept in a central database on a separate enterprise database server (IBM DB2 for Linux, UNIX, and Windows or Microsoft SQL Sever) and shared amongst all the Lotus Notes Traveler servers in the same high availability pool.

    There is a friendly way to see the majority of information stored in the Lotus Notes Traveler database referenced above. This is the LotusTraveler.nsf file which is located in the root folder of the Lotus Traveler server for stand-alone implementations or a web interface found at http(s)://server_name.domain.com/LotusTraveler.nsf for a high availability implementation. In this view, you can see all devices, and users. You can use this interface to administer these devices and users. In essence, this is the graphical user interface the administrator can use to view and administer the Lotus Notes Traveler's database information.

    1.2 Introducing Lotus Notes Traveler 8.5.3 Upgrade Pack 1The Lotus Notes Traveler 8.5.3 Upgrade Pack 1 introduces the much desired high availability (HA) feature as an option for the Lotus Notes Traveler deployments.It is still possible to use Lotus Notes Traveler on a single server without high availability (referred to as 'stand alone' in Upgrade Pack 1 terminology) and this is supported by the IBM, but many enterprise customers are expected to move to the HA version of the Lotus Notes Traveler.

    The Lotus Notes Traveler in HA mode includes the following components:Chapter 1. IBM Lotus Notes Traveler overview 15

  • The IP Sprayer (a load balancer) that directs the incoming the Lotus Traveler client connection to one of the available configured servers.

    The Lotus Notes Traveler server pool that receives a connection from the load balancer. In HA mode, a shared relational database replaces the locally stored 'Derby' database that

    is used in stand alone mode. Lotus Notes Traveler 8.5.3 Upgrade Pack 1 supports using both IBM DB2 for Linux, UNIX, and Windows and Microsoft SQL Server to host the relation database. You can use the high availability features provided in both relational database servers in your Lotus Notes Traveler environment to make the end to end Lotus Notes Traveler highly available. IBM provides a free DB2 entitlement with the Louts Notes Traveler.

    All other components of mail servers, mail files, the Domino Directory are the same.

    Apart from the new high availability mode, there are other new feature introduced in Lotus Notes Traveler 8.5.3 Upgrade Pack 1 including: Web administration Administration features Client manager Android enhancements Miscellaneous new features

    1.2.1 Web administration

    Lotus Notes Traveler 8.5.3 Upgrade Pack 1 provides a new web administration tool that is based on XPages and uses the IBM oneUI framework. You can use this web interface to perform all the activities previously supported by the Lotus Notes Traveler administration application, including remote wipe, setting up security policies, and comprehensive search capabilities. The following figure shows the new administration interface which is available in both stand alone and HA mode:16 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • 1.2.2 Administration features

    The Lotus Notes Traveler server provides an administrator with different options to manage the server: Administration

    Lotus Domino server console Administration application (LotusTraveler.nsf) Lotus Domino server policies Lotus Domino server security settings

    Filter limitsIn Lotus Notes Traveler 8.5.2.3, administrative settings could be added to NTSConfig.xml that would enforce a maximum filter window for all users. The Lotus Notes Traveler administration application now includes the ability to configure the maximum filter window settings as part of the default settings. A separate filter limit setting is provided for mail, past events, future events, and notes.

    Scheduled synchronization settingsThe Lotus Notes Traveler administration application now includes the ability to configure the scheduled synchronization settings as part of the default settings which were earlier configured using the Lotus Notes Traveler clients. The SMS part of the scheduled sync settings continue to be a client only configuration option.

    Locking of individual default settingsThe Lotus Notes Traveler administration application default settings configuration now includes the ability to 'Lock' individual settings. This support previously was only available by using Lotus Domino server policies. Locking a setting prevents the user from modifying that setting from their device. The following figure shows how you can lock a particular setting:Chapter 1. IBM Lotus Notes Traveler overview 17

  • 1.2.3 Client managerThis newly released subsystem manages Lotus Notes Traveler clients that are available for download using the Lotus Notes Traveler server. An administrator can now access views in the web based administration application that display exactly which client levels are installed on the Lotus Notes Traveler server. The Client manager allows the administrator to assign specific client levels to individual users or groups of users.

    1.2.4 Traveler high availabilityThe ability to run multiple Lotus Notes Traveler servers in a high availability service pool is provided in Lotus Notes 8.3.5 Upgrade Pack 1. This feature allows devices to connect to any server in the pool at any given time. Requests are received at any Lotus Notes Traveler server and a decision is made whether to service the request locally or to route the request to another server in the pool based on which server is currently monitoring mail for the user and server loads. If a server in the pool is stopped or unavailable, device requests can be handled by the other servers in the pool without requiring a recovery synchronization.

    Support for Enterprise Database Servers has been introduced to enable Lotus Notes Traveler high availability. In this release, DB2 for Linux, UNIX, and Windows and Microsoft SQL Server are supported for storing Lotus Notes Traveler Notes administration data and device synchronization data. An enterprise database is not required when running Lotus Notes Traveler on a single server (i.e. in stand alone mode).Lotus Notes Traveler also supports the transfer of existing administration and user synchronization data from the stand-alone Derby database to the enterprise database. This allows the migration and/or consolidation of existing Lotus Notes Traveler servers into a Lotus Notes Traveler HA pool.18 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • High availability pool-aware console commandsThe association of a device to a server is easy and transient. To avoid requiring an administrator to understand where a particular device or user is being processed, the management commands have been updated to communicate across servers and run the request on the appropriate server. New console commands are also added to ease the management and serviceability of the pool.

    Additional contributors to status conditionAdditional factors in determining the status condition (red/yellow/green) of a server are added. The new conditions include: Low disk space on server Expiration pending of the SSL certificate used to secure Lotus Notes Traveler server to

    server communication

    1.2.5 Android enhancements

    The enhancements for Android mobile devices include both client and server areas: Enhancements for Android Client

    Monthly view for Calendar Mail and Calendar UI now use larger screen size in tablets

    Enhancements for Server managed security policy Enforce the complex password type (OS 3.0 or higher) Disable local password storage Prohibit copy to clipboard Prohibit export attachments to file system Prohibit camera (OS 4.0 or higher) Application password support Password expiration period (OS 3.0 or higher) Password history count (OS 3.0 or higher) Prohibit unencrypted devices (OS 3.0 or higher)

    1.2.6 Miscellaneous new features

    Some general enhancements that are applicable for all mobile devices are as listed below.

    Improved handling of Lotus Notes documentsNotes links that are contained in mail messages and viewed on Lotus Notes Traveler clients now include an additional URL hotspot which points to the web address of the application server. You can open the linked application using a browser on the mobile device, similar to how applications can be opened using iNotes. However, there are a number of restrictions to consider with this functionality: The link can only be accessed if a connection can be made from the mobile device to the

    user's Domino mail server and/or the Domino application server specified in the link. The application must be web enabled. This means that the Domino HTTP service must be

    running on the Domino application server and the application design must have enabled Chapter 1. IBM Lotus Notes Traveler overview 19

    access from web clients.

  • Sent folder save optionsLotus Notes Traveler now synchronizes with the user preference for handling the saving of mail in the Sent Mail folder. In the previous releases, sent mail was always saved in the Sent Mail folder. Additionally, the Lotus Notes Traveler Administrator can override this behavior using the NTS_SENDMAIL_SAVE_OPTIONS notes.ini parameter. Supported values are: user - Honor the user's Notes and iNotes client mail save preferences (default). never - Lotus Notes Traveler never saves sent mail in the Sent Mail folder. always - Mail sent from a Lotus Notes Traveler client is always saved in the Sent folder,

    regardless of the user's Notes and iNotes client mail save preferences. noatt - Attachments in the outgoing mail will not be saved in the Sent Mail folder.

    Draft mail attachment optionsLotus Notes Traveler now gives administrators the option for all users who do not to save attachments when creating a draft document on the device. When the administrator sets the notes.ini parameter NTS_DRAFT_DO_NOT_SAVE_ATTACHMENTS=true, all attachments are stripped from the document being saved on a Domino server. 20 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • Chapter 2. Planning

    In this chapter, we describe the tasks and the areas you need to consider when planning an IBM Lotus Notes Traveler deployment.

    2 Copyright IBM Corp. 2013. All rights reserved. 21

  • 2.1 Supported hardware and softwareIn this section, we provide the base supported hardware and software for IBM Lotus Notes Traveler. For the complete and the most current Lotus Notes Traveler 8.5.3 Upgrade Pack 1 system requirements, see the following website:

    http://www.ibm.com/support/docview.wss?uid=swg27027499

    2.1.1 Domino Server supportAll versions of IBM Lotus Notes Traveler must be installed and run on a base Lotus Domino server. You can use either of these two versions of Lotus Domino for a stand-alone Lotus Notes Traveler server: Lotus Domino 8.5.3 Enterprise Server Lotus Domino 8.5.3 Messaging Server

    To implement a high availability Lotus Notes Traveler server, you must use Domino 8.5.3 Enterprise Server.

    The code version of both Lotus Domino and Lotus Notes Traveler must be matched to the first three digits of the version number. For example, version 8.5.3.x of Lotus Notes Traveler has to be installed with version 8.5.3.x of Lotus Domino. It is not possible to install a lower version of Lotus Notes Traveler on a higher version of Domino (for example, Lotus Notes Traveler version 8.5.2.x on Domino version 8.5.3.x). This is because the libraries that are used by the Lotus Notes Traveler task are associated with the libraries that the Lotus Domino server implements and the Libraries that the Lotus Domino server uses can change in different releases of the product. This is why the only supported environments are the environments that match the base versions.

    Note that during the installation process of Lotus Notes Traveler 8.5.3 Upgrade Pack 1, Domino will automatically be upgraded to the Upgrade Pack 1 of Lotus Domino version 8.5.3 if this is not already in place. This upgrade to Lotus Domino is included in the Lotus Notes Traveler installation package of 8.5.3 Upgrade Pack 1. This is because there are certain aspects that are included in this Lotus Domino upgrade pack that are needed for Lotus Notes Traveler new functionality such as XPages for the web administration of the server.

    For optimal performance, Lotus Notes Traveler should be installed on a dedicated server, including using a dedicated Lotus Domino server that doesn't perform any other Lotus Domino functions (for example, mail server or replication hub). In a small scale proof of concept or pilot, you could consider installing Lotus Domino mail server, Lotus Notes Traveler, and even other tasks such as Sametime on the same host machine, however the production system should be designed with the capacity carefully planned and have a dedicated server just for Lotus Notes Traveler. We describe the capacity planning in 2.4, Capacity planning on page 43.

    2.1.2 Mail database supportLotus Notes Traveler can use and synchronize with remote mail databases hosted on Lotus Domino version 7.0.2 and later, running on any operating system that Lotus Domino supports. Lotus Notes Traveler supports Lotus Notes standard and iNotes mail file templates based on version 6.5 and higher. So this means that although the Lotus Notes Traveler server itself has to be at a very specific version, it can synchronize email from any Lotus Domino server 22 IBM Notes Traveler Hints and Tips for a Successful Deployment

    running on any platform as long as it is at version 7.0.2 or greater, and using mail file

  • templates of version 6.5 and above. It is possible to have your Lotus Notes Traveler server running at a newer version of Lotus Domino than the rest of the Lotus Domino servers in your domain. However if doing so, you need to give careful consideration to preventing the newer database design elements replicating out from your Lotus Notes Traveler server to the rest of the older Lotus Domino servers in your Lotus Domino domain. More details on Lotus Domino domain planning can be found in 2.6, Domino domain configuration on page 44.

    2.1.3 Domino directory template support (names.nsf)You must ensure that you use the same Domino directory template for the names.nsf database (pubnames.ntf) version for the Lotus Domino server that you run Lotus Notes Traveler on. Ensure the Domino directory template that is supplied with the version of Lotus Domino that matches your Lotus Notes Traveler version. So for example, if using Lotus Notes Traveler 8.5.3 Upgrade Pack 1, the Domino directory template used on the Lotus Domino server running Lotus Notes Traveler must also be at version 8.5.3 Upgrade Pack 1. This is because there are new fields introduced in each version of Lotus Notes Traveler and only the matching version of Domino directory mail template includes the new fields. If the Domino directory template on the Lotus Domino server and Lotus Notes Traveler server do not match, certain fields won't show all of the data. For example, there was no "External Server URL" field in the 8.5.1.x version of Lotus Notes Traveler. If you upgraded the Lotus Notes Traveler server to 8.5.2.x or later and did not upgrade the Domino directory template, the field for the "External Server URL" would not appear even though this was a valid data field according to the server.

    You can check the version of the Domino directory template on any Lotus Domino server using the following steps:1. Open the Domino administration console and navigating to the "Files" tab.2. Right-click the Domino directory for the server (names.nsf filename). Select Properties.3. From the pop-up window, select the design tab. The template version is shown in the

    Inheritance section.

    The template version should be 8.5.3 for a Lotus Domino Server running version 8.5.3, and that is the required version for Lotus Notes Traveler 8.5.3 upgrade pack 1.

    When planning your Lotus Notes Traveler infrastructure if you opt to place your Lotus Notes Traveler servers in the same Lotus Domino domain as the rest of your Lotus Domino servers, you need to decide how to manage the Domino directory template. You have three options: Upgrade all your Lotus Domino servers in the Domino domain to use the same version of

    Lotus Domino as used on your Lotus Notes Traveler Server. This means all your Lotus Domino servers will be at the same level and will use the same version the Domino directory template, but this may be difficult to achieve if you have a large Lotus Domino environment.

    Just upgrade your Lotus Notes Traveler servers to use the latest version of Lotus Domino and allow the updated Domino directory template replicate to the other, older, Lotus Domino servers in your Lotus Domino domain. This should work and is supported as the updated versions of the Domino directory template are designed to be backwards compatible with previous versions of Lotus Domino (albeit only to a certain number of previous versions) but it would be good practice to test this first in your own environment. Especially to ensure that the latest version of the Domino directory template is backwards compatible with all the older versions of Lotus Domino you have.

    Just upgrade your Lotus Notes Traveler servers to use the latest version of Lotus Domino and prevent the new design elements of updated Domino directory template replicating Chapter 2. Planning 23

    out to the other, older, Lotus Domino servers in your Lotus Domino domain.

  • If you place your Lotus Notes Traveler servers in their own dedicated Lotus Domino domain instead then you can upgrade them to the latest version of Lotus Domino without having to worry about the design of the Domino directory replicating to any other/older Lotus Domino servers. More details on Lotus Domino domain planning can be found in 2.6, Domino domain configuration on page 44.

    2.1.4 Server hardware requirementsThe operating system that is used for the Lotus Notes Traveler server should be a 64-bit version. The Lotus Notes Traveler server does not copy the user mail files from the Lotus Domino mail server to the Lotus Notes Traveler server, but moves the data through the server as required during synchronization. The Lotus Notes Traveler server must maintain the memory needs for the data transferring from the Lotus Domino mail server to all the end user devices, and this can be thought of as a "pipeline" from the mail server to the device through the memory of the Lotus Notes Traveler server. The number of data connections that are in use can also be extensive. To better manage the connections, Lotus Notes Traveler requires resources from the operating system to maintain the amount of information needed to oversee the connections. Therefore, it is recommended to run Notes Traveler on a 64-bit operating system. Capacity will be severely limited if running Notes Traveler on a 32 bit OS.

    The following table shows the hardware requirements for Lotus Notes Traveler:

    Feature Requirement

    Disk space Although you can run Notes Traveler with as little as 500MB of free disk space, for production environments it is recommended to maintain at least 5 GB of free disk space. Certain log actions can suddenly use a lot of disk space, such as a memory dump. Running low on disk space will cause file fragmentation and performance issues. Running out of disk space will cause a server crash and possibly loss of data.

    A stand-alone server implementation of Lotus Notes Traveler requires database space. Running a defragmentation on the database on a regular interval might keep the size of this database small. In 8.5.3 Upgrade Pack 1, the database management code is improved and defragmentation should not be as necessary as it was in the previous versions of the product.

    To help with managing the space that if used by logging, you can put in plan to use the command tell traveler log clear to clear the logs on the server and reinitialize the logging. Note that running the tell traveler log clear command will remove all previous runtime logs on the server in regards to Lotus Notes Traveler directory /traveler/logs (NTSUsage*, NTSActivity*, and NTSError* logs). If you decide to do this as part of your maintenance you can plan appropriately for your needed disk space.

    Memory The minimum amount of free memory required to run Lotus Notes Traveler is 512 MB. This is in addition to the memory needed for the operating system, and Lotus Domino itself.For production systems a minimum of 8 GB of system memory is recommended. More may be required depending on how many concurrent users / devices you wish to host. See 2.4, Capacity planning on page 43 for more detail on memory concerns.24 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • 2.1.5 Enterprise database requirementsLotus Notes Traveler High Availability mode requires an enterprise database that is accessed by all Lotus Notes Traveler servers in a common service pool. The following table shows the enterprise databases that are supported. See the database product documentation for information on their hardware and software requirements:

    2.1.6 Server operating systemsThe following table shows the supported operating systems (OS) for Lotus Notes Traveler:

    Network protocols Lotus Notes Traveler supports any network supported by a device that provides an HTTP/TCP or HTTPS/TCP connection between the device and the Lotus Notes Traveler server. Examples include GSM, GPRS, 802.11x, and WiFi. In addition, Lotus Notes Traveler can utilize Short Messaging Service (SMS) for push notifications instead of HTTP/HTTPS (for selected mobile device platforms). The SMS is only used for notifications and HTTP/HTTPS is still required for data transfer. For communication between the Lotus Notes Traveler server and the Louts Domino mail servers, Notes RPC is used (port 1352 by default).

    Feature Requirement

    Product Notes

    DB2 for Linux, UNIX, and Windows Enterprise Server Edition 9.7, Fixpack 5 or higher

    64-bit version recommended.

    DB2 for Linux, UNIX, and Windows Workgroup Server Edition 9.7, Fixpack 5 or higher

    64-bit version recommended.A limited use license to IBM DB2 for Linux, UNIX, and Windows 9.7.0.4 Server Edition is included with the Lotus Notes Traveler 8.5.3 Upgrade Pack 1 release. This limited use license is provided for customers who want to deploy a Lotus Notes Traveler High Availability server and elect to use this entitled DB2 version as their RDBMS solution. The DB2 license should not be used for any purpose other than the support of Lotus Notes Traveler.

    Microsoft SQL Server Enterprise Edition 2008 SP1 CU1 or higher

    64-bit version recommended.

    Microsoft SQL Server Enterprise Edition 2008 R2 SP1 CU1 or higher

    64-bit version recommended.

    Operating system Notes

    Red Hat Enterprise Linux (RHEL) 5 Server for x86 (32-bit)

    32-bit operating systems are supported, but 64-bit operating systems are strongly recommended for all deployments with a significant number of users. This OS is supported for Lotus Notes Traveler Standalone mode only.

    Red Hat Enterprise Linux (RHEL) 5 Server for x86 (64-bit)

    Supports Domino server running in 32-bit application mode. This operating system is supported for Lotus Notes Traveler Standalone mode and High Availability mode.Chapter 2. Planning 25

  • Red Hat Enterprise Linux (RHEL) 5 Advanced Platform for x86 (32-bit)

    32-bit operating systems are supported, but 64-bit operating systems are strongly recommended for all deployments with a significant number of users. This OS is supported for Lotus Notes Traveler Standalone mode only.

    Red Hat Enterprise Linux (RHEL) 5 Advanced Platform for x86 (64-bit)

    Supports Domino server running in 32-bit application mode. This OS is supported for Lotus Notes Traveler Standalone mode and High Availability mode.

    Red Hat Enterprise Linux (RHEL) 6 Server for x86 (32-bit)

    32-bit operating systems are supported, but 64-bit operating systems are strongly recommended for all deployments with a significant number of users. This OS is supported for Lotus Notes Traveler Standalone mode only.

    Red Hat Enterprise Linux (RHEL) 6 Server for x86 (64-bit)

    Supports Domino server running in 32-bit application mode. This OS is supported for Lotus Notes Traveler Standalone mode and High Availability mode.

    SUSE Linux Enterprise Server (SLES) 10 for x86 (32-bit)

    32-bit operating systems are supported, but 64-bit operating systems are strongly recommended for all deployments with a significant number of users. This OS is supported for Lotus Notes Traveler Standalone mode only.

    SUSE Linux Enterprise Server (SLES) 10 for x86 (64-bit)

    Supports Domino server running in 32-bit application mode. This OS is supported for Lotus Notes Traveler Standalone mode and High Availability mode.

    SUSE Linux Enterprise Server (SLES) 11 for x86 (32-bit)

    32-bit operating systems are supported, but 64-bit operating systems are strongly recommended for all deployments with a significant number of users. This OS is supported for Lotus Notes Traveler Standalone mode only.

    SUSE Linux Enterprise Server (SLES) 11 for x86 (64-bit)

    Supports Domino server running in 32-bit application mode. This OS is supported for Lotus Notes Traveler Standalone mode and High Availability mode.

    Windows Server 2003 Enterprise Edition x86 (32-bit)

    32-bit operating systems are supported, but 64-bit operating systems are strongly recommended for all deployments with a significant number of users. This OS is supported for Lotus Notes Traveler Standalone mode only.

    Windows Server 2003 R2 Enterprise Edition x86 (32-bit)

    32-bit operating systems are supported, but 64-bit operating systems are strongly recommended for all deployments with a significant number of users. This OS is supported for Lotus Notes Traveler Standalone mode only.

    Windows Server 2003 Enterprise Edition x86 (64-bit)

    This OS is supported for Lotus Notes Traveler Standalone mode and High Availability mode.

    Windows Server 2003 R2 Enterprise Edition x86 (64-bit)

    This OS is supported for Lotus Notes Traveler Standalone mode and High Availability mode.

    Windows Server 2003 Standard Edition x86 (32-bit)

    32-bit operating systems are supported, but 64-bit operating systems are strongly recommended for all deployments with a significant number of users. This OS is supported for Lotus Notes Traveler Standalone mode only.

    Windows Server 2003 R2 Standard Edition x86 (32-bit)

    32-bit operating systems are supported but, 64-bit operating systems are strongly recommended for all deployments with a significant number of users. This OS is supported for Lotus Notes Traveler Standalone mode only.

    Operating system Notes26 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • 2.1.7 Web browsers for administration

    Lotus Notes Traveler supports web based administration through XPages. You can use this administration tool in place of the lotustraveler.nsf that was previously used in the Lotus Notes Traveler servers. For the high availability implementation of the server, the web administration is required as it is no longer possible to administrate the Lotus Notes Traveler environment using the lotustraveler.nsf database after the move to HA mode has been completed. The following web browsers are supported in this capacity: Apple Safari 5.0 and higher Mozilla Firefox 3.6 and higher Microsoft Internet Explorer 7 and higher Google Chrome 5 and higher

    2.1.8 IP sprayerLotus Notes Traveler, running in High Availability mode, requires an IP sprayer located in front of the Lotus Notes Traveler server pool to provide a single URL entry point and to route requests evenly among the members of the pool. IP sprayer support has been tested with, but not limited to, the following: Apache HTTP Server v2.2.22 WebSphere Edge Server v7.0.0.18

    Windows Server 2003 Standard Edition x86 (64-bit)

    This OS is supported for Lotus Notes Traveler Standalone mode and High Availability mode.

    Windows Server 2003 R2 Standard Edition x86 (64-bit)

    This OS is supported for Lotus Notes Traveler Standalone mode and High Availability mode.

    Windows Server 2008 Enterprise Edition x86 (32-bit)

    32-bit operating systems are supported, but 64-bit operating systems are strongly recommended for all deployments with a significant number of users. This OS is supported for Lotus Notes Traveler Standalone mode only.

    Windows Server 2008 Enterprise Edition x86 (64-bit)

    This OS is supported for Lotus Notes Traveler Standalone mode and High Availability mode.

    Windows Server 2008 R2 Enterprise Edition x86 (64-bit)

    This OS is supported for Lotus Notes Traveler Standalone mode and High Availability mode.

    Windows Server 2008 Standard Edition x86 (32-bit)

    32-bit operating systems are supported, but 64-bit operating systems are strongly recommended for all deployments with a significant number of users. This OS is supported for Lotus Notes Traveler Standalone mode only.

    Windows Server 2008 Standard Edition x86 (64-bit)

    This OS is supported for Lotus Notes Traveler Standalone mode and High Availability mode.

    Windows Server 2008 R2 Standard Edition x86 (64-bit)

    This OS is supported for Lotus Notes Traveler Standalone mode and High Availability mode.

    Operating system Notes

    Important: JavaScript and cookie support must be enabled in the web browser for the Lotus Notes Traveler web administration application to function properly. Chapter 2. Planning 27

  • Lotus Mobile Connect (LMC) v6.1.5

    2.1.9 Device hardware requirementsThe following table shows the hardware requirements for the mobile devices that are supported by Lotus Notes Traveler:

    Feature Applicable OS Notes

    Device memory Nokia Series 60 3rd and 5th edition

    Nokia Symbian^3

    Lotus Notes Traveler for Nokia S60 client requires approximately 4 MB of free program file storage on the device to install Lotus Notes Traveler.

    File storage required for PIM and mail is not included in these estimates, varies widely, and depends on how much data is synchronized to the device.

    If it is necessary to collect traces or logs, up to 2 MB of additional program file storage may be needed.

    If the installation file (SISX file) is manually downloaded to program file storage, it requires an additional 1 MB. This file can be deleted after installation.

    If mobile device security policies are in place or support for remote device wipe is needed, and you are using a Nokia S60 device, it may be necessary to install the Nokia security enablement library on the device. This library can be obtained from download.fds-ncom.nokia.com/supportFiles/phones/files/pdf_guides/services/IBM_TTPA_Allow_New_App/IBMTTPAAllowNewApp.SIS

    Device memory Windows Mobile 6.0, 6.1, and 6.5

    Lotus Notes Traveler for Windows Mobile client requires approximately 4 MB of free program file storage on the device to install Lotus Notes Traveler.

    File storage required for PIM and mail is not included in these estimates, varies widely, and depends on how much data is synchronized to the device.

    If it is necessary to collect traces or logs, up to 2 MB of additional program file storage may be needed.

    If the cabinet install file (CAB file) is manually downloaded to program file storage, it requires an additional 2 MB. This CAB file can be deleted after installation.

    Device memory Android Lotus Notes Traveler for Android client requires approximately 2 MB of free storage on the device to install Lotus Notes Traveler.

    File storage required for PIM and mail is not included in these estimates, varies widely, and depends on how much data is synchronized to the device. Note that during initial setup, you can choose to have some of the data stored on external storage.

    Trace and log storage required is dependent upon the configuration setting. The default value is 2 MB.28 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • 2.1.10 Devices and operating systemsThe following table shows the mobile device operating systems that are supported by Lotus Notes Traveler:

    Device/Operating System

    Notes

    Apple iPhone OS 2 Not supported. For reliable operation with Lotus Notes Traveler, upgrading to version 3.1 firmware or higher is required.

    Apple iPhone OS 3 IBM strongly encourages upgrading to version 3.1 firmware or higher for use with Lotus Notes Traveler.

    Apple iOS 4 IBM strongly encourages upgrading to version 4.0.1 firmware or higher for use with Lotus Notes Traveler.

    Apple iOS 5 IBM Lotus Notes Traveler supports the same mail, calendar and contact features in iOS5 that are supported in iOS4. New capabilities in iOS5 (e.g. Reminders) are not supported by Lotus Notes Traveler, but will be considered for utilization and support in a future release.

    Apple iOS 6 IBM Lotus Notes Traveler supports the same mail, calendar and contact features in iOS6 that are supported in iOS5.

    iPhone, iPhone 3G, iPod Touch (2nd generation)

    Supported. Note that these devices do not include on-device encryption.

    iPhone 3GS, iPhone 4, iPhone 4S, iPad, iPad2, iPad3, iPod Touch (3rd generation and higher)

    Supported.

    Nokia Series 60 3rd Edition

    Lotus Notes Traveler supports all Nokia Series 60 3rd and 5th edition devices.

    For a list of Nokia devices that support the Nokia security enablement library for remote security features see download.fds-ncom.nokia.com/supportFiles/phones/files/pdf_guides/services/IBM_TTPA_Allow_New_App/IBMTTPAAllowNewApp.SIS

    Nokia Series 60 3rd Edition Feature Pack 1

    Nokia Series 60 3rd Edition Feature Pack 2

    Nokia Series 60 5th Edition

    Nokia Symbian^3 Edition

    Device encryption is only supported by Symbian^3 devices and they must be running an operating system level of Symbian Anna release or higher.

    Nokia Symbian^3 devices do not require a separate download of the Nokia security library required for S60 devices. This support is built into the device.Chapter 2. Planning 29

  • What does IBM do internally?

    The IBM internal implementation of Lotus Notes Traveler is currently based on a mixture of Windows and Linux based servers, but a project is underway to migrate to using Linux only. All of servers are run as virtual 'guests' on a VMware 4.5.1 Enterprise environment. The specifications of the virtual guests are as follows:

    Windows VMware guest specifications: 4 vCPUs 8GB - 12GB of memory (the most heavily utilized servers were upgraded from 8 GB to 12

    GB) Windows 2008 R2 64-bit

    Windows Mobile 6.0 Classic

    Lotus Notes Traveler supports all Windows Mobile 6.0, 6.1, and 6.5 devices.

    Windows Mobile 6.0 Professional

    Windows Mobile 6.0 Standard

    Windows Mobile 6.1 Classic

    Windows Mobile 6.1 Professional

    Windows Mobile 6.1 Standard

    Windows Mobile 6.5 Professional

    Windows Mobile 6.5 Standard

    Android OS 2.0.1+ Lotus Notes Traveler supports all devices, including tablets, running Android OS 2.0.1 to 2.x. Note that if you wish to use enterprise security features, such as complete device wipe or device password policies, you must be running Android OS 2.2 or higher.

    Android OS 3.0+ Lotus Notes Traveler supports all devices, including tablets, running Android OS 3.0 or higher. This version is required for enablement of some Android security features, including: Complex character device password support, device password expiration, device password history count and whole device encryption.

    Android OS 4.0+ Lotus Notes Traveler supports all devices, including tablets, running Android OS 4.0 or higher. This version supports all Android security features from previous Android releases and adds support for Prohibit Camera.

    Important: IBM recommends upgrading the firmware of all Android, Apple, Nokia, and Windows Mobile devices to the latest levels. The specific delivery technique varies widely and depends on the device, the carrier, and many other factors.

    Device/Operating System

    Notes30 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • SAN hosted disks with separate volumes for the operating system (C:), program binaries (D:) and log files (E:).

    Linux VMware Guest Specifications: 4 vCPUs 8GB memory Redhat 6 Enterprise Server SAN hosted disks with separate file systems and mount points for the operating system,

    program binaries and log files.

    For details of how many users IBM host on Lotus Notes Traveler servers of this specification, see 2.4, Capacity planning on page 43.

    2.2 Choosing a stand-alone or high availability configuration for Lotus Notes Traveler

    When deciding to deploy IBM Lotus Notes Traveler version 8.5.3 Upgrade Pack 1, a number of questions should be asked in regards to using the high availability (HA) option or the stand-alone option. By default, the installation of 8.5.3 Upgrade Pack 1 is a stand-alone server. It is not until you want to configure Lotus Notes Traveler for HA that an enterprise database and a 'front-end' IP sprayer are required.

    The two main influencing factors to choosing a stand-alone server versus an HA Lotus Notes Traveler implementation are: The number of devices Lotus Notes Traveler is to service The need for continuous availability or fail-over capability if a Lotus Notes Traveler server

    instance becomes unavailable.

    Other factors are also discussed after we address these main two concerns.

    2.2.1 Number of devices

    Lotus Notes Traveler 8.5.3 Upgrade Pack 1 has improved the server capability to manage memory and data in the servers. With this improvement, the server performs faster and maintains better data organization in the Lotus Notes Traveler databases. These are either the local derby databases that are used by Lotus Notes Traveler in stand-alone mode, or the enterprise databases that are used in the HA mode. The improvement was largely due to the improvement, and refactoring of many of the SQL queries that are used, and adjustments to the tables that are contained in the Lotus Notes Traveler databases. Because of these important factors, if your current implementation of Lotus Notes Traveler is providing service for 2,000 devices or less, then a stand-alone server with 8.5.3 Upgrade Pack 1 (of the correct specification) would be sufficient if you do not need your Lotus Notes Traveler server to be highly available.

    Important: If using a Virtual System environment, a dedicated storage such as SAN hosted disks used by IBM is important. Running Notes Traveler in stand alone mode is very disk IO heavy. Often times Virtual Machines are not given sufficient disk priority to perform at maximum capacity. In HA mode much of the disk processing is moved to the database server, and it is this server that disk IO speed will be critical.Chapter 2. Planning 31

  • If you plan to support more than 2,000 devices, using the HA environment is your best option. A single Lotus Notes Traveler 8.5.3 Upgrade Pack 1 server in an HA configuration can service up to approximately 2,500 devices on a single server. For any additional devices above this number, another server is required to handle the load. A single HA server pool (consisting of multiple Lotus Notes Traveler servers, all configured in HA mode) can support approximately 10,000 devices. The basic rule of thumb is that the number of servers required in a Lotus Notes Traveler HA server pool is 1 + the number of servers needed to serve the load. For example, if you were to implement an environment that was intended to serve 5,000 users, you would need 3 Lotus Notes Traveler servers. The additional server is required so that if one of the servers in the pool failed, all of the devices can still be serviced by the remaining servers in the pool without degrading the quality of the service. Note that all of the servers in a HA pool are always used in normal circumstances so the additional server is utilized all of the time.

    2.2.2 System availability considerationIf you wish to ensure that the Lotus Notes Traveler solution has continuous availability, then the HA option is the solution that must be used.

    If you are implementing a HA solution you need to ensure that all of the components that make up the end to end Lotus Notes Traveler server are also high availably. As such the other aspects of the solution that need to be considered and have a high availability solution of their own include: A HTTP/IP Sprayer or load balancer server A Lotus Domino mail server (for example, use Lotus Domino clustering) A high availability solution for the enterprise database

    2.2.3 Other considerationsThe other considerations of using an HA solution include: Server resource constraint:

    If your servers has a maximum of 8 GB memory only, the HA solution allows you to have multiple severs. With multiple servers you can handle a higher load with fewer devices on each server. Thus, you are able to service more devices with more machines when the machines are restricted on the resources they are allotted. This is more common in a VM environment.

    Network constraint:If the internal network speed is not fast, or bandwidth is a limitation, consider the stand-alone solution if you do not need a HA solution according to the first two points described in this section. In a stand-alone configuration, all the resources are local and there is no traffic from the HTTP/IP Sprayer to the Lotus Notes Traveler server to the enterprise database server and back within the network.

    2.2.4 What does IBM do internally?At the time of writing, the IBM internal implementation of Lotus Notes Traveler is comprised entirely of stand alone Lotus Notes Traveler servers.32 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • 2.3 Planning your server and network topologyWhen planning the server and network topology for a Lotus Notes Traveler environment, there are a number of key points that you should consider: On which Lotus Domino servers should you install Lotus Notes Traveler? Does your Lotus Notes Traveler environment need to be highly available? How will the user mobile devices, which are typically on an external mobile data network,

    connect to your Lotus Notes Traveler server? How will your Lotus Notes Traveler server connect to the Lotus Domino servers hosting

    the users mail files?

    2.3.1 Choosing a Lotus Domino serverIt is advisable to use a dedicated Lotus Domino server for hosting Lotus Notes Traveler that is not used for performing any other role (for example, mail server, routing hub, and so on). This configuration not only maximizes the number of users that the Lotus Notes Traveler server can host, but also has other advantages such as being able to apply Lotus Notes Traveler specific configuration and tuning settings, enabling the server to be upgraded easier, and giving you more flexibility as to where you place your Lotus Notes Traveler servers in your network topology.

    2.3.2 High availability or stand-aloneImplementing high availability for your Lotus Notes Traveler environment is a decision you have to make based on how critical the service is to your business. A high availability solution means that your users can continue to use the Lotus Notes Traveler service even in the event of an outage. However, it does increase the complexity of the overall Lotus Notes Traveler environment, so, if the availability of the Lotus Traveler service is not considered to be business critical, you have the choice of implementing a simpler stand-alone solution instead.

    2.3.3 ConnectivityThere are three different approaches to providing the necessary connectivity between Lotus Notes Traveler, the users, and their respective mail servers. However, the implementation of each varies slightly depending on if you also want to enable High Availability (HA). All three variants work in a HA configuration, so the decision on whether to use HA does not restrict which of the three approaches you can use. The three approaches are described in more detail in the following sections, including details of the pros and cons of each to help you choose which is best suited to your own environment.

    Option one: A direct connection solutionIn a direct connection topology, the Lotus Notes Traveler server is placed in a network de-militarized zone (DMZ) that enables the Notes Traveler to connect directly to internet using the "front" firewall of the DMZ. The Lotus Notes Traveler is able to access to the Lotus Domino mail server through the "back" firewall of the DMZ.

    This topology is shown in the following figure:Chapter 2. Planning 33

  • Why use a direct connect solution?As a direct connect based solution is the quickest and easiest to implement, it is often used in an initial pilot or proof of concept of Lotus Notes Traveler. However, even in these circumstances, you still have to ensure the servers are sufficiently secured before exposing them to internet, especially if they will be synchronizing data from your production environment.

    Implementing High Availability in a direct connect solutionWhen implementing high availability (HA) in a direct connect solution, the pool of HA Lotus Notes Traveler servers is placed in the DMZ so that all of the servers in that pool can be accessed from the internet. This pool of servers is then addressed using either a simple round robin DNS entry that contains an entry for all the servers in the pool or using a separate IP sprayer server, depending on how you implement the load balancing part of the HA solution (2.14, Mobile device management integration on page 63 for more details on load balancer considerations). Because the HA solution for Lotus Notes Traveler also requires an enterprise database server (either IBM DB2 for Linux, UNIX, or Windows or Microsoft SQL Server) that is hosted on the internal network, an additional rule on the "back" firewall of the DMZ is required to enable connectivity between the Lotus Notes Traveler server and the database server.

    The following figures show the topology for a direct connect solution with HA using both round robin DNS and an IP sprayer:34 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • Lotus Notes Traveler direct connection with high availability via round robin DNS:Chapter 2. Planning 35

  • Lotus Notes Traveler direct connection with high availability using an IP sprayer:

    Advantages of a direct connect solutionThe main advantage of the direct connection solution is that it is the simplest and quickest to implement. All that is required is a network DMZ and a new server upon which to host Lotus Notes Traveler.

    Disadvantages of a direct connect solutionThe main disadvantage of the direct connection solution is that it is the least secure because it exposes the Lotus Notes Traveler server (and the Lotus Domino server hosting it) to the internet.

    The front firewall of the DMZ only requires the HTTPS port to be opened (443) but this allows all external web browser traffic to connect to the Lotus Notes Traveler server. This means the operating system, the Lotus Domino server, and the Lotus Notes Traveler server all must be properly hardened to make sure they are secure. These servers also must be patched regularly to ensure they remain secure.

    If using a direct connect solution, consider deploying your Lotus Notes Traveler server in a separate Lotus Domino domain to the Lotus Domino mail servers to increase the level of security at the Domino layer. This implementation prevents the servers on your main Domino domain (and the data they host, such as the Domino directory etc) from being exposed directly to the internet. For more details on implementing Lotus Notes Traveler in a separate Lotus Domino domain, see 2.6, Domino domain configuration on page 44.

    Another disadvantage of the direct connect solution is that Lotus Notes document links will not work in Lotus Notes Traveler unless additional configuration is implemented to support it (e.g. opening more firewall rules between the Lotus Notes Traveler servers and the Lotus 36 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • Domino Mail servers). So if a user receives an email that contains a link to another document hosted somewhere in the Lotus Notes environment, they cannot use that link. This is because, although Lotus Notes Traveler does support Lotus Notes document links, the Lotus Domino server hosting the document that the link points to must be both HTTP enabled and accessible on the network to the user device through HTTP. In a direct connection solution, by default only the Lotus Notes Traveler server itself is accessible to the user device. So if being able to use Lotus Notes document links via Lotus Notes Traveler is required, it would also be necessary to implement the network layer configuration changes to provide the connectivity between the Lotus Notes Traveler server and the Lotus Domino mail servers for it to work.

    Option two: A reverse proxy solutionIn a reverse proxy based solution, the Lotus Notes Traveler server is placed in your internal network and a reverse proxy server is placed in a network de-militarized zone (DMZ). The connectivity between the user device and the Lotus Notes Traveler server is handled by proxy server, so the device only ever connects directly to the proxy server and then the proxy server (transparently) provides the connectivity to the Lotus Notes Traveler server. As the Lotus Notes Traveler server is on the internal network, there are no connectivity restrictions between it and the Lotus Domino mail servers.

    The following figure shows this topology:

    Why use a reverse proxy solution?A reverse proxy based solution negates some of the security risks associated with the direct connect solution, but is generally easier and cheaper to implement than a Virtual Private Network (VPN) based solution. As such, it is a good choice if you want to implement a Chapter 2. Planning 37

    solution with strong security but do not want the complexity and cost associated with

  • implementing a separate VPN infrastructure. If implementing a HA solution, you also have the option to use a combined proxy and IP sprayer server to provide the required functionality with the minimum number of servers.

    Implementing high availability in a reverse proxy solutionWhen implementing high availability (HA) in a reverse proxy solution, rather than connecting to the Lotus Notes Traveler server, the proxy server connects to an IP Sprayer located on the internal network instead. That IP Sprayer then passes the connection from the user device on to one of the Lotus Notes Traveler servers in the HA pool. Alternatively, if you use a proxy server that supports a load balancing/IP spraying capability (such as IBM Mobile Connect), it is also possible to combine the IP spraying function with the reverse proxy meaning that the reverse proxy performs both of these roles, reducing the number of server instances required to provide the Lotus Notes Traveler infrastructure.

    As the Lotus Notes Traveler servers are located on the internal network, they can connect directly to the enterprise database server that is also required in a HA configuration.

    The following figures are examples of reverse proxy topology using both a separate IP sprayer and a combined IP sprayer and proxy:

    Lotus Notes Traveler reverse proxy connection with high availability using a separate IP sprayer:38 IBM Notes Traveler Hints and Tips for a Successful Deployment

  • Lotus Notes Traveler reverse proxy connection with high availability using combined proxy and IP sprayer:

    Advantages of a reverse proxy solutionThe main advantage of the reverse proxy solution is that the Lotus Domino server running Lotus Notes Traveler is no longer directly connected to the external internet, reducing the security risks associated of exposing the data hosted on these servers and thus making the overall solution more secure.

    Another advantage of this solution is that if you configure Single Sign On (SSO) authentication between the proxy server and the Lotus Notes Traveler server, you can off load much of the user authentication processing to the proxy server. This can potentially improve the performance of your Lotus Traveler server as it will only process users who have already authenticated successfully with the proxy server. Configuring SSO is described in more detail in 7.2, Configuring single sign-on on page 297.

    Disadvantages of a reverse proxy solutionThe main disadvantage of the reverse proxy solution is that it increases the number of server instances that make up the Lotus Notes Traveler environment. This topology also increases the complexity as a separate proxy server is required, requiring additional skills to support the reverse proxy server and additional configuration to integrate the reverse proxy server with Lotus Notes Traveler. However, the benefit of the additional security a reverse proxy solution offers will generally outweigh this disadvantage in the majority of circumstances.Another disadvantage is that the reverse proxy solution only provides connectivity to the Chapter 2. Planning 39

    Lotus Notes Traveler servers themselves and not to anything else on the internal network.

  • This means that the users cannot access other applications or data on the internal network, such a browsing intranet web pages or using Sametime.

    A further disadvantage is that, just like the direct connect solution, Lotus Notes document links will not work in Lotus Notes Traveler unless additional configuration is implemented to support it (e.g. opening more firewall rules between the Lotus Notes Traveler servers and the Lotus Domino Mail servers). This is because, although Lotus Notes Traveler does support Lotus Notes document links, the Lotus Domino server hosting the document that the link points to must be both HTTP enabled and accessible on the network to the users device via HTTP. In a reverse proxy solution typically only the Lotus Notes Traveler server itself is accessible to the users device, via the connectivity provided by the proxy server. So if being able to use Lotus Notes document links via Lotus Notes Traveler is required, it would also be necessary to implement the network layer configuration changes to provide the connectivity between the Lotus Notes Traveler server and the Lotus Domino mail servers for it to work.

    Option three: A virtual private network solutionIn a virtual private network (VPN) based solution, a VPN connection (tunnel) is established between the users mobile device and the internal network, through a VPN server located in the network de-militarized zone (DMZ). Once this VPN connection is established, the users mobile device is effectively connected the internal network and has direct connectivity to all of the servers located on it. All of the network traffic between the mobile device and the internal network is sent through the VPN connection, which is normally encrypted as well. This means that all of the Lotus Notes Servers