Best Practices of IBM Notes Traveler Deployment. Date: 27 Aug 2015

Similar documents
Lotus Notes Traveler Upgrade Pack 1 High Availability (HA)

Updating the Client Access URL using IBM Traveler Server. OPEN MIC WEBCAST March 22, 2017 Alvin John Marron L2 Software Engineer IBM Traveler

Best Practices. Ranjit Rai Ranjit Rai 8April 2010

IBM Verse On-Premises

IBM Domino WEB Federated Login

Securing Connections for IBM Traveler Apps. Bill Wimer STSM for IBM Collaboration Solutions December 13, 2016

BlackBerry Enterprise Server for IBM Lotus Domino Version: 5.0. Administration Guide

Open Mic - Troubleshooting & Best Practices for Read/Unread Marks. Manisha Parida and Sandeep R Deshpande 29 Feb 2012

IBM SmartCloud Notes (SCN) Mail Routing

Tips and Tricks for IBM Notes Mail

VMware Boxer Comparison Matrix for IBM Notes Traveler Compare the features supported by VMware Boxer and AirWatch Inbox

VMware AirWatch Recommended Architecture Guide Setting up and managing your on-premises AirWatch deployment

VMware Workspace ONE UEM Recommended Architecture Guide

Open Mic Webcast: IBM Client Application Access (ICAA)

SIEBEL 15 RELEASE & UPGRADE SUMMARY

Deployment Scenario: WebSphere Portal Mashup integration and page builder

Barracuda Firewall Release Notes 6.5.x

Barracuda Firewall Release Notes 6.6.X

Developing Enterprise Cloud Solutions with Azure

VMware Enterprise Systems Connector Installation and Configuration. JULY 2018 VMware Identity Manager 3.2 VMware Identity Manager VMware AirWatch 9.

IBM Lotus Notes Traveler June 9, 2011 Jan Kenney - Product Manager, Lotus Notes Traveler & Lotus Mobile Connect

Exchange 2007 End of Service: Modernize with Office 365. Todd Sweetser Technical Solutions Professional

IBM Lotus Notes Traveler

GENOA Transformer Pre-Install Checklist

VMware Workspace ONE UEM VMware AirWatch Cloud Connector

VMware AirWatch Cloud Connector Guide ACC Installation and Integration

Set up Your Corporate or Personal (BYOD) iphone for Office 365 (Cloud)

BlackBerry Enterprise Server for Microsoft Office 365. Version: 1.0. Administration Guide

Challenge accepted: IBM Cloud onboarding & Upgrades to IBM Notes Browser Plug-in. ISBG vårseminar - May 2015

What's New in Notes/Domino 901 Feature Pack 8

Brocade Virtual Traffic Manager and Parallels Remote Application Server

BlackBerry Enterprise Server for Microsoft Exchange Version: 5.0. Feature and Technical Overview

Configuration Guide. BlackBerry UEM. Version 12.7 Maintenance Release 2

Security Improvements on Cast Iron

Manual Ftp Windows 7 Server 2008 R2 Java

BlackBerry Enterprise Server for IBM Lotus Domino Version: 5.0. Feature and Technical Overview

Going Mobile with IBM Verse

Polarion Enterprise Setup 17.2

Polarion 18.2 Enterprise Setup

VMware Enterprise Systems Connector Installation and Configuration

Microsoft Microsoft TS: MS Internet Security & Acceleration Server 2006, Configuring. Practice Test. Version:

Cloud Computing. An introduction using MS Office 365, Google, Amazon, & Dropbox.

Domino Integration DME 4.6 IBM Lotus Domino

IBM Lotus Domino Web Access 6.5.1

CONFIGURING SQL SERVER 2008 REPORTING SERVICES FOR REDHORSE CRM

Extended Search Administration

Iphone Setup I-OS6 Installation and Setup for iphone

Defeating All Man-in-the-Middle Attacks

IBM Sametime Web Client & Meeting Server - An Introduction to new features in version 9.0.1

Contents. Platform Compatibility. New Features. Secure Remote Access SonicWALL SSL VPN 2.5 Early Field Trial (EFT) for SSL-VPN 200

ISEC7 - B*Nator EMM Suite. Check Before Installation Guide

Edge Foundational Training

SharePoint. Team Site End User Guide. Table of Contents

Installing and Configuring VMware Identity Manager Connector (Windows) OCT 2018 VMware Identity Manager VMware Identity Manager 3.

Teamcenter Installation on Windows Clients Guide. Publication Number PLM00012 J

Gladinet Cloud Enterprise

Installation Guide for Runtime Sybase Unwired Platform 2.1 ESD #1

SafeConsole On-Prem Install Guide. version DataLocker Inc. July, SafeConsole. Reference for SafeConsole OnPrem

BlackBerry UEM Configuration Guide

Configuration Guide. BlackBerry UEM. Version 12.9

HySecure Quick Start Guide. HySecure 5.0

Extending the Domino System. Powered by Notes. The First Groupware and Server for the Net R E L E A S E

VMware Enterprise Systems Connector Installation and Configuration. Modified 29 SEP 2017 VMware AirWatch VMware Identity Manager 2.9.

VMware View Upgrade Guide

How to Configure GroupWise Message-Level Backups

Secure Container DME. SecureContainer - DME is available for ios and Android.

905M 67% of the people who use a smartphone for work and 70% of people who use a tablet for work are choosing the devices themselves

Microsoft. Designing, Deploying, and Managing a Network Solution for a Small- and Medium-Sized Business

Clientless SSL VPN Overview

Deploy. A step-by-step guide to successfully deploying your new app with the FileMaker Platform

Lotus Notes Functions Manually Run Rules

GroupWise Architecture and Best Practices. WebAccess. Kiran Palagiri Team Lead GroupWise WebAccess

Remote Access VPN. Remote Access VPN Overview. Licensing Requirements for Remote Access VPN

SoftBank Wireless Assistant Desktop Assistant Client User's Guide

The Rockefeller University I NFORMATION T ECHNOLOGY E DUCATION & T RAINING. VPN Web Portal Usage Guide

Mailbox Management with Symantec Enterprise Vault.cloud

Teamcenter Installation on Linux Clients Guide. Publication Number PLM00010 J

Administering Jive Mobile Apps

PCI DSS Compliance. White Paper Parallels Remote Application Server

DME completely secures the business data on your device so if you lose it or it is stolen, you can be certain that nobody can get to your data.

MB Microsoft Dynamics CRM 2016 Online Deployment.

Marist Mail Reference Guide

COPYRIGHT Under the copyright laws, neither the documentation nor the software may be copied, photocopied, reproduced, translated, or reduced to any

VMware AirWatch Content Gateway for Linux. VMware Workspace ONE UEM 1811 Unified Access Gateway

SonicWALL SSL VPN 2.5 Early Field Trial

Configuration Guide. Installation and. BlackBerry Enterprise Server for Novell GroupWise. Version: 5.0 Service Pack: 4

IBM SmartCloud Entry. Administrator Guide 2.3

Crestron Fusion Cloud On-Premises Software Enterprise Management Platform. Installation Guide Crestron Electronics, Inc.

Barracuda Archive Search for Outlook Customization Options

EveryonePrint. Mobile Gateway 4.2. Installation Guide. EveryonePrint Mobile Gateway Installation Guide Page 1 of 30

GO!NotifyLink Palm webos Solution

IBM Notes Browser Plug-in

BlackBerry Enterprise Server Express for Microsoft Exchange

Polarion 18 Enterprise Setup

Office 365 Exchange Online Backup & Restore Guide. 11 September CloudBacko Corporation

PGP(TM) Universal Server Version 3.2 Maintenance Pack Release Notes

Remote Desktop Services. Deployment Guide

IBM SmartCloud Notes Security

Hosted Exchange. Presented by Joseph Lee

SYSTEM REQUIREMENTS M.APP ENTERPRISE

Transcription:

Best Practices of IBM Notes Traveler Deployment Date: 27 Aug 2015

Open Mic Team Sandip Singh - IBM ICS Support engineer Presenter Sukanya Yenneti - IBM ICS Support engineer Presenter Ranjit Rai - IBM ICS SWAT Focussing on entire Notes/Domino Jayavel Rajendran - IBM ICS SWAT Focussing on entire Notes/Domino Hansraj Mali - IBM ICS SWAT Focussing on Notes/Domino Narendra Nesarikar IBM ICS Support Facilitator for Open Mics 2

Agenda Choosing the deployment Reasons for migrations to new Hardware Migrating Traveler Server to new Hardware Best practices to upgrade Traveler Server Common problems observed at time of Traveler upgrade Moving a stand alone system to HA Best practices to enable https on Traveler Server What's new in Notes Traveler 9.0.1.3 and later releases IBM Verse on Apple device 3

Choosing the deployment: Basic Stand-alone Traveler Architecture 4

Choosing the deployment: Basic Traveler HA Architecture 5

Choosing the deployment (continued..) Traveler and Mail servers in different Domino Domain Keep the IBM Traveler server's directory separate from Mail server to prevent design changes. Minimize the amount of data from the mail servers that is accessible from the Notes Traveler server. Name look-up can still be done from Traveler server using the below notes.ini along with DA. NTS_TRAVELER_AS_LOOKUP_SERVER=true. Note: With this deployment if you want to move to HA then all Traveler server in HA pool should be from same DOMAIN. 6

Choosing the deployment (continued..) Network consideration Mail server, IBM Traveler server and Enterprise database server should be located in the same LAN. Ping response not more than 50 m/s from Traveler server to mail servers. Use HTTP or HTTPS to communicate with the Traveler server from the device. Do not use form base authentication, use basic authentication (401). Use basic Round Robin without session affinity for load balancers in HA setup. Network equipment must not block or alter traffic between mobile device and server. Disk Considerations Windows 64/Domino 64-425 IOPs (I/O operations per second). The disk I/O requirements for the enterprise database server are higher in order to support multiple IBM Notes Traveler servers in HA. 7

Choosing the deployment (Continued..) Capacity Guidelines: Maximum Devices Minimum OS Minimum Physical Memory Minimum CPU Cores 100 Win32 4GB 2 300 Win32/Linux32 4GB 4 1000 Win64/Linux64 8GB 4 2000 Linux 64-bit 16GB 8 2000 Windows 64-bit 16GB 8 Note: While you are in HA maximum devices per server scale up to 2500. Reference: http://www-10.lotus.com/ldd/dominowiki.nsf/xpdocviewer.xsp? lookupname=administering+lotus+notes+traveler+8.5.3#action=opendocument&res_ti tle=capacity_planning_guidelines_for_lotus_notes_traveler_lnt853&content=pdconte nt 8

Reasons for migration to new Hardware: New hardware for improved performance. 32-bit operating system to 64-bit operating system to host more users. Unsupported operating system to a supported operating system. Standalone IBM Notes Traveler to HA for fault tolerance. 9

Migrating Traveler Server to new hardware: Method 1 - Full data copy: Copy the contents of the Domino data directory from Traveler old to Traveler new. Change the hostname and IP address of the Traveler new server to match the hostname and IP address of the Traveler old server. Method 2 - Minimal data copy: The Domino Server Name can be different. Copy these files/directories from Traveler old to Traveler new: data/traveler/ntsdb data/lotustraveler.nsf data/ntsclcache.nsf 10

Migrating Traveler Server to new hardware: (Continued..) Method 2 - Minimal data copy: (Continued..) Change the hostname and IP address of the Traveler new server to match the hostname and IP address of the Traveler old server. Take TRAVELER and HTTP out of the ServerTasks list in the notes.ini file and then start the Domino server. Change host name used in the Domino server document. 11

Migrating Traveler Server to new hardware: (Continued..) Method 2 - Minimal data copy (Continued..) Change host name in any Internet Site Documents, if specified. Add TRAVELER and HTTP back to the ServerTasks list of notes.ini file. References: http://www-10.lotus.com/ldd/dominowiki.nsf/xpdocviewer.xsp? lookupname=administering+lotus+notes+traveler+8.5.2#action=opendocument&res_title= Moving_Lotus_Notes_Traveler_to_a_new_server_LNT8521&content=pdcontent 12

Best practices to upgrade Traveler server: Announcing the upgrade schedule. Backing up files. Updating Lotus Domino, then upgrade Traveler server. Upgrade the design of Domino directory. All devices, except the ios devices are required to upgrade the IBM Notes Traveler application after the server is updated, to have the new features. 13

Best practices to upgrade Traveler server: (Continued..) After upgrading the server, you can use IBM Notes Traveler immediately. Resynchronization between the server and devices does not occur. Maximum cached users: 14

Best practices to upgrade Traveler server: (Continued..) Maximum memory size: By default, the value of the maximum memory size is 1024 MB for 64-bit. Evaluate the system load and adjust the memory size as necessary. Use the tell traveler mem or tell traveler status command to determine if Java heap is sufficient on your system. 15

Best practices to upgrade Traveler server: (Continued..) Ensure that number of devices that are accessing the traveler should have the proper number of HTTP threads are allocated to the server. Number of threads that are needed is 1.2 times of the number of devices. 16

Common problem observed at time of Traveler upgrade Upgrade traveler domino server to latest version before traveler upgrade. Immediate backup of ntsdb is recommended. Remove traveler task from traveler server notes.ini, while domino server upgrade. Verify no notes/domino and java task is running while upgrade. 17

Moving a stand alone system to HA: Moving stand alone IBM Notes Traveler servers into a high availability pool. IBM Notes Traveler High Availability configuration provides for improved fault tolerance. HA configuration enables additional capacity to be added as needed for future growth. IBM Notes traveler server in a HA pool: Maximum Devices per Server Minimum Operating System Minimum Physical Memory Minimum CPU Cores 2,500 Linux 64-bit 16GB 4 2,500 Windows 64-bit server 16GB 4 18

Moving a stand alone system to HA: (Continued..) Deploys multiple IBM Notes Traveler servers in a service pool. The pool of IBM Notes Traveler servers is accessed through a single URL. The internal database on each individual IBM Notes Traveler server is no longer used. This enables any server in the HA pool to service requests from any user/device. 19

Moving a stand alone system to HA: (Continued..) Requirements specific to running an HA Pool: - Must run on 64 bit Windows or Linux OS. - DB2 Enterprise server 9.7 FP5 or later. - MS SQL Enterprise Server 2008 or later. - Enterprise Database Server for the HA Pool: Maximum Devices in Service pool Minimum Physical Memory Minimum CPU Cores 4,000 16GB 4 6,000 16GB 4 8,000 16GB 4 10,000 32GB 8 12,000 32GB 8 20

Moving a stand alone system to HA: (Continued..) The minimum configuration for IBM Notes Traveler HA Pool is as follows: - Two Domino servers running IBM Notes Traveler. - One DB2 server or Microsoft SQL server. - One server running the IP sprayer/load balancer. 21

Moving a stand alone system to HA: (Continued..) Process for Derby to Enterprise DB Migration is as follows: - Only add one server to the pool at a time. First server creates the service pool. - On startup will migrate user data to enterprise db. - Allow data migration to complete before adding another server. - Use DNS or Proxy for single access URL. 22

Best practices to enable https on Traveler server: Change the External Server URL of Traveler on the Server Document from http://<servername>/traveler To https://<servername>/traveler After updating the External Server URL from http to https, all users must reconfigure their devices to the new server URL which is using https. There are currently no solutions available that will automatically update or reconfigure the devices. Enhancement Request JEDP-9V5QEG has been created. 23

Best practices to enable https on Traveler server: (Continued..) If can't reconfigure all devices at that time then you should keep TCP/IP port status to "Enabled" under TCP section in server document. 24

Best practices to enable https on Traveler server: (Continued..) What is Poodle? POODLE - Padding Oracle On Downgraded Legacy Encryption. This vulnerability allows a man-in-the-middle attacker to decrypt ciphertext using a padding oracle side-channel attack. POODLE affects older standards of encryption, specifically Secure Socket Layer (SSL) version 3. It does not affect the newer encryption mechanism known as Transport Layer Security (TLS). DISABLE_SSLV3=1 allows Domino server to disable SSLv3. 25

Best practices to enable https on Traveler server: (Continued..) Points to remember to avoid Poodle on Traveler server: A Notes Traveler solution may or may not be impacted by the POODLE attack depending upon the deployment configuration together with the technical responses or updates offered by the various platform vendors. 1. Consult the mobile device vendors for details on their product responses to this attack. 2. Mobile devices connecting via SSLv3 directly to a Notes Traveler (Domino) server. 3. Mobile devices connecting via Mobile Device Management (MDM) servers. NTS_SSL=true to encrypt the server to server communications. The Notes Traveler server has been updated to use TLS as default encryption protocol for server to server communication. 26

Best practices to enable https on Traveler server: (Continued..) IBM has released APAR patch LO82423 to prevent the use of SSLv3 in Notes Traveler secure server-toserver communication. This patch has been included in Interim Fix updates for the following Notes Traveler server releases and in all future releases: 9.0.1 IF7 9.0.0.1 IF8 8.5.3 Upgrade Pack 2 IF8 References: https://www-304.ibm.com/support/docview.wss?uid=swg1lo82423 http://www.ibm.com/support/docview.wss?uid=swg21688179 IBM has released Domino server Interim Fixes that implement TLS 1.0 to protect against the POODLE attack. References: http://www.ibm.com/support/docview.wss?uid=swg21687167 27

Whats new in Notes Traveler 9.0.1.3: IBM Traveler 9.0.1.3 requires Domino 8.5.3.x, 9.0.0.x, or 9.0.1.0.x (or later). We recommend running Domino 9.0.1 to take advantage of all latest fixes and features. If installing on a Domino 8.5.3 server it is required to also install Domino 8.5.3 Upgrade Pack 1 if not already installed. Can be installed on any previous release of Traveler, stand alone or HA. Same Enterprise DB support as 8.5.3 UP2. BlackBerry devices latest firmware 10.3.1 support syncing the Trash Folder. IBM Verse for ios devices is supported but it is not supported if running on a Domino 8.5.3 server. Upgrade Domino to a 9.0.x or later version for support. 28

What is IBM Verse? It is a powerful email hosting solution that enables users to access their business communications from a laptop or desktop browser or from a mobile device. This email and business messaging experience is based on an innovative user-centric design, including social analytics and advanced search capabilities. IBM Verse helps users quickly find and focus on what content is most important, empowering them to build stronger working relationships while optimizing business results. 29

IBM Verse for Apple devices Requirements for Apple: ios 8.1 or later. The app can only be used by Verse-licensed users in Connections Cloud or against on-premise IBM Traveler servers at 9.0.1.4 or higher. Domino must be 9.0 or later version. IBM Traveler servers must support SSL/TLS and have a valid certificate (Not self-signed one). The same IBM Verse for Apple devices client is used in either the cloud or on premise versions, however some Verse capabilities are only available in the cloud. Those are: 'Important People' features People photos obtained from Connections Profiles 30

IBM Verse for Apple devices On-Prem IBM Verse can be installed from the Apple ios App Store. To configure IBM Verse for the first time, you'll need to know the address of your IBM Traveler server. 31

IBM Verse for Apple devices On-Prem (Continued..) You may be required to set an application passcode for whenever you use IBM Verse. 32

IBM Verse for Apple devices On-Prem (Continued..) If the configuration is successful and pascode setting is done then IBM Verse will open the mail Inbox and start syncing with the server. From the Settings page, you can also choose whether to sync new data to your device automatically (if your server supports it) or manually. 33

IBM Verse for Apple devices On-Prem (Continued..) Need Action: When you receive a mail message that contains an action item, you can add it to a list of things that need to be completed. From the inbox, left swipe the message to display the option menu, then press the Needs Action icon (Or ) From the message itself, press the same icon to open the options menu, then choose Mark Needs Action. 34

IBM Verse for Apple devices On-Prem (Continued..) Need Action (Continued..) : You can add notes to the message by tapping the Capture you notes here... 35

IBM Verse for Apple devices On-Prem (Continued..) Waiting for a response: IBM Verse lets you track responses from mail messages you've sent. You do this by marking the message as Waiting For. Tap Waiting For icon from swipe menu from in Sent or Draft folder mails. Tap Mark as Needs action button from compose view. 36

IBM Verse for Apple devices On-Prem (Continued..) Calendar entries: IBM Verse for Apple devices lets you see and access all your upcoming calendar entries in a quick and visual way. 37

IBM Verse for Apple devices On-Prem (Continued..) Mail View: Inline Images, Attachments And Domino Encrypted. Mail Actions: Trash, Move to Folder, Reply, Reply All, Forward and Quick Reply. Mail Settings: 38

IBM Verse for Apple devices On-Prem (Continued..) Mail Thread: IBM Verse adds a graphical conversation style to mail messages that lets you keep all your mail threads organized and easily viewable within your inbox. 39

IBM Verse for Apple devices On-Prem (Continued..) Draft, sent and folders: Form your Inbox, just select the Mailbox button to display your folders. From there, choose either the Drafts or Sent folder to show the contents. You'll see all your preexisting IBM Notes and SmartCloud Notes folders, and you can interact with them just as you would in those environments. 40

IBM Verse for Apple devices On-Prem (Continued..) Important to Me feature and Search Messages in contacts: The Important to Me feature is only available for Connections Cloud users. Message can be searched from specific contacts:1. Contact's business card. 2. Can see all the messages from your Important people contacts 41

IBM Verse for Apple devices On-Prem (Continued..) Today widget: The Today widget for IBM Verse provides a whole range of information about your day in the ios Today view. 42

How to stay informed of available maintenance Recommended Maintenance Technote: http://www.ibm.com/support/docview.wss?uid=swg24019529 Notes Traveler APAR Listing by release: http://www.lotus.com/ldd/dominowiki.nsf/dx/lotus_notes_traveler_apar_listing Registering for Notes Traveler notifications: http://www.lotus.com/ldd/dominowiki.nsf/dx/how_to_subscribe_to_notes_traveler _product_notifications Notes Traveler Part Number Index: http://www.lotus.com/ldd/dominowiki.nsf/dx/notes_traveler_part_number_list_for_fast_search_o n_passport_advantage 43

Questions Q&A 44

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback