Server initiated flows allow servers and services to initiate sessions to devices that have the Atmos Agent installed. This is useful for privately hosted applications that require server-to-client initiated communication, such as on-premise VoIP applications (receiving a call), patch distribution (Bigfix), and active FTP (sending a file from a server to a client machine). It can also allow communication between Atmos Agents for VoIP calls, File shares, or screen share applications.
Server initiated flows assign a static IP to each Atmos Agent from a connector managed IP pool, which enables the server to reach the client using the IP address as shown in the following IP Pool Assignment diagram.
With this approach, the servers only communicate with Axis Connector, and the Atmos Agent users only communicate with Axis Cloud as shown in the following Server Initiated Flow diagram.
Axis Security isolates the user from the enterprise network entirely by brokering access to applications. It creates an encrypted connection from the user to the Axis Cloud and from the Axis Cloud to the application server. In this way, the user is never directly connected to the network, giving more secure access. Axis Cloud only assigns these IP addresses to the client that has access to the application via a policy.
Server Initiated Flow does the following:
- Assigns a unique IP address to each Atmos Agent in the private network
- Allows servers to initiate sessions to users with the Atmos Agent
- Allows Atmos Agents to communicate with each other
- Allows customers to use legacy VoIP applications
- Users can access as many server initiated flow applications as needed, but they must use the same connector zone.
- Each Connector in the same zone requires a unique IP pool that does not overlap. For example, you cannot have 2 connectors in the zone both using 10.50.50.0/24 IP pools.
Updated over 1 year ago