For best performance and usability, there should be a direct or routable network connection between the ServerAssist console and any installed agents, management servers and operations servers.
Keeping Within Security Policies
However, in some high-security and remote networking scenarios, such a connection may require inbound connections from the Internet or other untrusted network, and due to security policies, may not be permitted.
In these cases, the gateway provides indirect connectivity between applicable components.
Only Outbound HTTP Needed
The gateway is installed on a publically accessible web server, and the appropriate ServerAssist service is configured to connect to the gateway.
This connection is over normal or secure HTTP, and is initiated by the ServerAssist service, and so does not require any inbound connections.
For most networks, this means that no additional outbound protocols need to be enabled through existing firewalls.
When the console needs to connect to a ServerAssist service, it connects to the gateway.
The service polls the gateway every few seconds, and when it sees a request from the console, processes it, and uploads the result of that request to the gateway. The console then requests that response from the gateway, and processes the response in exactly the same way as if a direct network connection had been made.
There is no functional difference between a direct connection and one made via a gateway.
All Components Accessible
While this facility is typically used to enable connectivity to remote agents behind high-security firewalls, it is equally possible to connect to a remote management server or operations server via a gateway.
This opens up the possibility of full, secure remote access to the entire ServerAssist configuration without compromising the security of the core network in any way.
full access without any firewall changes