Overview of the Mobile Controller
This chapter introduces the Mobile Controller, the Management Console, and the basic steps for deploying SteelHead Mobile packages. This overview contains the following sections:
Before reading this guide, you should know how to install and connect the Mobile Controller to your network. For details, see the SteelCentral Controller for SteelHead Mobile Installation Guide.
To use this chapter, you must know how to install, configure, and manage WAN optimization using the SteelHead. For details about the SteelHead, see the SteelHead Installation and Configuration Guide, the SteelHead Management Console User’s Guide, and the SteelHead Deployment Guide.
Hardware and Software Dependencies
The following table summarizes the hardware and software requirements for the Mobile Controller.
Mobile Controller Component | Hardware and Software Requirements |
Mobile Controller | 19-inch (483-mm) two-post or four-post rack. |
Management Console | Any computer that supports a web browser with a color image display. The Management Console has been tested with Mozilla Firefox Extended Support Release 10.0 and Microsoft Internet Explorer 7.0 and 8.0. Note: JavaScript and cookies must be enabled in your web browser. |
SteelHead Mobile | RiOS 4.0.x or later on the SteelHead. |
Overview of the Mobile Controller Solution
The Mobile Controller solution lets you optimize TCP traffic to remote users who are accessing your computer network using any type of remote access. Remote users employ client software to exchange optimized data with a SteelHead. In most cases, the Mobile Controller requires only a hostname and IP address to be operational, and client software can be deployed using default settings.
Depending on your organization, your Mobile Controller solution can include:
• SteelHead Mobile Controller - A dedicated, rackable unit designed to manage the Mobile Controller licenses and to control the deployment, management, and reporting of Mobile Controller client software for large deployments and rapidly growing organizations.
• Virtual Steelhead Mobile Controller - Provides virtualized enterprise-grade acceleration for small- sized and medium-sized businesses or smaller strategic mobile deployments.
• SteelHead Mobile Client - The client software that enables LAN-like performance for Windows PCs or Mac computers, no matter where users are located. SteelHead Mobile clients are managed by the Mobile Controller and connect to a SteelHead.
The Mobile Controller solution enables you to perform optimization for the following types of users:
• Mobile Users - Employees who connect to the WAN from various locations and also connect to the LAN locally.
• Home Users - Employees who use computers that connect to the corporate network.
• Small Branch Office Users - Users located at offices with fewer than ten employees who connect to the WAN but do not have a standard SteelHead on site.
The SteelHead Mobile software is deployed to PC or Mac laptops or desktops. A Mobile Controller, typically located in the data center, is required for Mobile Controller deployment, management, and licensing control. After the Mobile Controller is deployed, packages that contain client software can be distributed.
SteelHead Mobile policies are assigned to a group or a particular user on the Mobile Controller. Policies define optimization rules and connection information for the SteelHead Mobile clients. The Mobile Controller can update SteelHead Mobile policies, if desired.
Figure: Optimization Process Flow outlines the optimization process flow.
Figure: Optimization Process Flow
The Mobile Controller is designed to be deployed to your SteelHead Mobile clients without additional configuration. It ships with default policies that provide default values for the client software that is deployed to your endpoints. You can create your own packages and your own polices as needed.
You can find information about custom deployments in this guide and in the SteelHead Deployment Guide.
Definition of Terms
The following terms are used to describe Mobile Controller features, attributes, and processes.
Term | Definition |
endpoint/SteelHead Mobile | An endpoint client or SteelHead Mobile is a client computer: for example, a Windows or Mac laptop, or a tablet. |
SteelHead Mobile package | A SteelHead Mobile install package is used to install SteelHead Mobile software onto each of your endpoint clients. A package created on a Mobile Controller contains the fully qualified domain name (FQDN) of the Mobile Controller and a certificate that secures communication between the client and the controller. The default SteelHead Mobile package that ships with the Mobile Controller contains default package settings. Typically, you can install and deploy the Mobile Controller without modifying the default policy or package that ship with the product. For details, see Creating Packages. |
policies | A policy contains optimization rules for accelerating the WAN traffic between SteelHead Mobile clients and SteelHeads in your network. A policy is required for optimization to occur. A policy also contains information about the size of the SteelHead Mobile RiOS data store. Prior to Mobile Controller 4.0, policies were separated into endpoint and acceleration policies. |
group assignments | A group assignment is an association between a number of SteelHead Mobile clients or users and a package and policy. A group assignment governs which policies and packages the Mobile Controller provides to the SteelHead Mobile clients. When you create a package, you can assign a group assignment to it. The group assignment is associated with the SteelHead Mobile clients upon installation of the SteelHead Mobile software. The Mobile Controller subsequently uses the group assignment to identify the SteelHead Mobile client and provides the assigned policies and software updates. Group assignment was called Deployment ID in Mobile Controller 2.x and earlier releases. |
clusters | Clusters are groups of two or more Mobile Controllers used to pool available SteelHead Mobile licenses and configuration settings. The entire pool of available licenses remains available to the SteelHead Mobile clients even if one Mobile Controller has used all of its licenses or one Mobile Controller fails. SteelHead Mobile clients can connect to Mobile Controllers in a cluster and receive a consistent configuration from any Mobile Controller in the cluster. Configuration changes made to any Mobile Controller propagate to all Mobile Controllers in the cluster. |
Demilitarized Zone (DMZ) | A demilitarized zone (DMZ) is a computer or small subnetwork that sits between a trusted internal network, such as a corporate private LAN, and an untrusted external network, such as the public Internet. Typically, the DMZ contains devices accessible to Internet traffic, such as web (HTTP) servers, FTP servers, SMTP (email) servers, and DNS servers. |
Mobile Controller Administration Tasks
The Mobile Controller facilitates the following administration tasks for your SteelHead Mobile clients:
• Configuration - The Mobile Controller enables you to install, configure, and update SteelHead Mobile clients in groups. The Mobile Controller uses policies, packages, and deployment groups to facilitate centralized configuration and reporting.
• Monitoring - The Mobile Controller provides both high-level status and detailed statistics about SteelHead Mobile performance, and enables you to configure alerts for managed SteelHead Mobile clients.
• Management - The Mobile Controller enables you to schedule software upgrades and configuration changes to groups of SteelHead Mobile clients or to collect logs from SteelHead Mobile clients.
• License Pooling - You can join two or more Mobile Controllers into a cluster, allowing pooling of available licenses. With license pooling, the entire pool of licenses remains available to the SteelHead Mobile client, even if one Mobile Controller has used all of its installed licenses or a Mobile Controller in the cluster fails. SteelHead Mobile clients can connect to any Mobile Controller in a cluster and receive shared configuration settings from any Mobile Controller in the cluster. For details, see
Configuring Mobile Controller Clusters.
What Are Policies?
Policies are sets of optimization, security, endpoint storage, and other configuration settings for groups of SteelHead Mobile clients that have the same performance requirements. Policies can also be shared by Mobile Controllers that are members of a cluster. A policy can be for a specific SteelHead Mobile client, or it can represent settings for groups of SteelHead Mobile clients and SteelHeads in your enterprise environment.
The Mobile Controller ships with a default policy, Initial, which the Mobile Controller automatically provides to endpoint clients. For basic settings, you can install and deploy Mobile Controller without modifying the default policy.
What Are Packages?
You use packages to install and update the SteelHead Mobile client software on each of your endpoint clients. A package is an installation bundle for the client’s operating system that contains the SteelHead Mobile client software and the information necessary for SteelHead Mobile clients to communicate with the Mobile Controller.
In most cases, you can deploy the default package included with the Mobile Controller.
For details, see
Creating Packages.
Note: If the package is to be downloaded by more than 50 clients, Riverbed recommends that you put the package on a file server so that the Mobile Controller is not overloaded with requests.
What Are Group Assignments?
Group assignments govern which policies and packages your SteelHead Mobile clients receive. Group assignments enable you to deploy different policies to groups of SteelHead Mobile clients, based on their individual performance needs. When you deploy a package to a group, the Mobile Controller uses the group assignment to identify the proper subset of SteelHead Mobile clients and automatically provides policy and software updates to them. For details, see
Managing SteelHead Mobile Assignments.
What Are Clusters?
Clusters are groups of two or more Mobile Controllers used to pool available endpoint licenses and share configurations when multiple Mobile Controllers are needed to support large deployments. SteelHead Mobile clients associated with clusters have access to the licenses on all Mobile Controllers in the cluster, even if one or more Mobile Controllers are unavailable. Any member of a cluster can modify settings used by the cluster, and the settings are then automatically updated to the entire cluster. For detailed information about clusters, see
Configuring Mobile Controller Clusters.
Using the Management Console
The following section describes how to connect to and navigate in the Management Console. It includes the following sections:
You manage the Mobile Controller using either the web-based Management Console or the Riverbed command-line interface. Riverbed recommends that you use the Management Console to configure and manage your system. The Mobile Controller command-line features are described in the Riverbed Command-Line Interface Reference Manual.
Connecting to the Management Console
To connect to the Management Console, you must know the URL or IP address and administrator password that you assigned when you set up your Mobile Controller using the configuration wizard of the Mobile Controller. For details, see the SteelCentral Controller for SteelHead Mobile Installation Guide.
Note: JavaScript and cookies must be enabled in your web browser.
To connect to the Management Console
1. Enter the URL for the Mobile Controller in the location box of your web browser:
<protocol>://<host.domain>
<protocol> is HTTP or HTTPS. HTTPS uses the SSL protocol to ensure a secure channel. If you use HTTPS to connect, you might be prompted to inspect and verify the SSL certificate. By default, the Mobile Controller uses a self-signed certificate, which provides encrypted web connections to the Management Console. It is re-created when the appliance hostname changes and when the certificate has expired.
<host> is the hostname you assigned to the Mobile Controller primary interface in the configuration wizard. If your DNS server maps that IP address to a name, you can specify the DNS name.
<domain> is the full domain name for the Mobile Controller appliance.
The Management Console appears, displaying the Login page.
Figure: Login Page
2. In the Username text box, specify the user login: admin, monitor, a login from a RADIUS or TACACS+ database, or any local accounts created using the role-based accounts feature. The default login is admin. For details on role-based accounts, see
Managing User Permissions.
Users with administrator (admin) privileges can configure and administer the Mobile Controller. Users with monitor (monitor) privileges can view the Mobile Controller reports and user logs, and change their own password. A monitor user cannot make configuration changes.
3. In the Password text box, specify the password you assigned in the configuration wizard of the Mobile Controller. (The Mobile Controller is shipped with the default password: password.)
4. Click Log In to display the Home page.