What is Lime Mobility?
It’s a service that runs on your server and handles the communication between the Lime database and the smartphone. We recommend that Lime Mobility is set up by one of our consultant charging only half a block of consulting (560 €).
The Lime Mobility is tested and works on the most common Microsoft Servers such as Microsoft Windows Server 2003 R2, 2008 R2 and 2012 R2, but could very well work on other Microsoft Servers as well. A 64-bit version of Windows is needed though, and it has to support .NET 4.0 or later. Lime Mobility v3.x will not install on a 32 bit OS.
There are a few things to prepare and some steps may take some time as well, for instance if you are looking at getting an SSL-certificate issued by a Certificate Authority. Therefore, please start with the preparations well in time.
Here are the remaining points to prepare:
- Microsoft .NET framework 4.0 (full server version) or later needs to be installed on the server
- Firewalls and routers that are affected needs to be configured. Lime Mobility Server uses the standard port for HTTPS or HTTP, ie either 443 or 80. If the standard port is used by another service it is possible to use the alternative port 6246 for HTTPS or 6245 for HTTP.
- The server where the Lime Mobility Server is to be installed needs to be accessed from the internet either by a static IP-address or a DNS-name. The Lime Mobility does not make any calls towards the internet itself, only towards the network it’s in
- Lundalogik doesn't install Lime Mobility on a domain controller (DC). The reason for that is that the server get exposed to the Internet, causing an increased security risk. Lundalogik does not provide support for problems that arise due to the installation of a DC.
- Decide if you want the app and server to communicate using HTTP or HTTPS. If you choose HTTP then all traffic between the app and the server is sent in plain text, if you choose HTTPS then all traffic is encrypted and can not be intercepted by others. HTTPS requires that you purchase and install an SSL certificate from for example VeriSignor GoDaddy. Remember that it can take up to a week to get a certificate.
- Lime Mobility needs a user that runs the service. The installation package does by default create the user “Lime_Mobility”. The user requires full access to the database.
- If the Lime Mobility Server is to be installed within a DMZ-network it requires an opening in the firewall to your intranet. Also, the Lime Mobility Server must be run with a user that exists within your intranet. In other words, a user named Lime_Mobility must be created in your intranet with the same password as the local Lime_Mobility-user as well.
- Follow this link to learn more about specifications for ports (UDP/TCP 135-139 and UDP/TCP 445). http://support.microsoft.com/kb/298804
- To configure Lime Mobility Server requires Chrome, Firefox or Internet Explorer 10 or later.
- For Lime CRM your Lime CRM Web Services must be installed and configured.
How should we as a customer think regarding the installation environment for the Lime Mobility Server?
Since it’s impossible for Lundalogik to be aware of each of our customer’s different demands on security, willingness to invest and current IT infrastructure it’s also very difficult for us to tell you which solution is the best for you. Below we have described two companies way of thinking.
Example 1 – The Company with higher IT security demands
At CompanyNo1 a secure IT environment is the highest priority. They have sensitive information within their network and on their servers. The rigorous security level they have include multiple firewalls and all data transferred over the internet is encrypted. Since CompanyNo1 is dependent on this high level of security they are also willing to pay for the addition costs it entails.
CompanyNo1 chooses to install Lime Mobility Server on a dedicated server located outside of the inner domain, and places it instead within a DMZ-network. To put the Lime Mobility server within a DMZ-network, physically or virtually means that the inner domain is never exposed directly to the internet. This decreases the risk of having your network hacked.
CompanyNo1 does also choose to install an SSL Certificate issued by a Certificate Authority such as VeriSign or GoDaddy due to the fact that they want to make sure no unwelcomed guests can eavesdrop on the communication between the Lime Mobility Server and the smartphone.
Example 2 – the Company with lower IT security demands
CompanyNo2 is not worried about intruders in their network. CompanyNo2 does not see the risk of network attacks justify the extra cost for a having a hundred percent secure network.
CompanyNo2 have an IT provider that help them with their network and server. The IT provider has said it is possible to forwarding traffic from port 80 in their router to a computer/server on the network.
CompanyNo2 does not think any unwelcome guest will try to “listen” to the traffic between the smartphones and Lime Mobility Server. They think that HTTP is good enough.
Any questions on how to get started?
Don’t hesitate, contact our customer service or your responsible sales person.
firstname.lastname@example.org or phone +46 46 270 48 00.