Answer
Archiver exposes certain features via a web site which is hosted in Windows' web server, Internet Information Services (IIS). For example, the administrator can configure the application and generate reports, and users can view their emails via a browser or use client-side software like the Outlook Connector and the Archive Assistant.
If the environment is configured in a way that this web site is reachable via the Internet users with laptops can access those features even while not connected to the local network.
If the environment is configured in a way that this web site is reachable via the Internet users with laptops can access those features even while not connected to the local network.
After the installation of GFI Archiver the web site and IIS are prepared to be accessed from the local network. In most cases only three additional steps are required to publish the web site in the internet:
-
Configure NAT on your firewall; create a Port Forwarding rule which routes traffic from the Internet to the IP of the GFI Archiver server
- Set up a public DNS record for the GFI Archiver web site, for example archiver.yourdomain.com, and point it to the external firewall IP address
- Set up a local DNS record for the same hostname, for example archiver.yourdomain.com, and point to the local GFI Archiver server IP address
All of these topics refer to the specific network environment therefore no details are listed here. From a high level point of view the following should be considered:
- Can the server be configured with a public IP address that is routable on the Internet?
- If the server is located in a Network Address Translate (NAT) environment with a private IP address, Port Forwarding could be configured on the NAT device (router / firewall) to the GFI server
- Should the connection be encrypted using HTTPS instead of HTTP?
- If the server is exposed to the Internet, please ensure that it is hardened, secured as well as that current Windows Updates are regularly applied
- Configure the client software (e.g. the Outlook Connector) to connect to the server using the URL, which can be reached via the Internet as well as internally when connected to the local network
- An alternative to exposing the web page publicly would be to have clients connect to the network via VPN and then connect to the GFI Archiver server through the secured VPN tunnel
- If considering to place the GFI Archiver server in a DMZ, please note that GFI Archiver requires access to Active Directory
Note that assistance by the GFI technical support team in regard of this topic is limited as network configuration falls outside of the scope of GFI.