Deployment Guide Trademarks Add Life to the Web, Afterburner, Aftershock, Andromedia, Allaire, Animation PowerPack, Aria, Attain, Authorware, Authorware Star, Backstage, Bright Tiger, Clustercats, ColdFusion, Contribute, Design In Motion, Director, Dream Templates, Dreamweaver, Drumbeat 2000, EDJE, EJIPT, Extreme 3D, Fireworks, Flash, Flash Lite, Flex, Fontographer, FreeHand, Generator, HomeSite, JFusion, JRun, Kawa, Know Your Site, Knowledge Objects, Knowledge Stream, Knowledge Track, LikeMinds, Lingo, Live Effects, MacRecorder Logo and Design, Macromedia, Macromedia Action!, Macromedia Breeze, Macromedia Flash, Macromedia M Logo and Design, Macromedia Spectra, Macromedia xRes Logo and Design, MacroModel, Made with Macromedia, Made with Macromedia Logo and Design, MAGIC Logo and Design, Mediamaker, Movie Critic, Open Sesame!, Roundtrip, Roundtrip HTML, Shockwave, Sitespring, SoundEdit, Titlemaker, UltraDev, Web Design 101, what the web can be, and Xtra are either registered trademarks or trademarks of Macromedia, Inc. and may be registered in the United States or in other jurisdictions including internationally. Other product names, logos, designs, titles, words, or phrases mentioned within this publication may be trademarks, service marks, or trade names of Macromedia, Inc. or other entities and may be registered in certain jurisdictions including internationally. Third-Party Information This guide contains links to third-party websites that are not under the control of Macromedia, and Macromedia is not responsible for the content on any linked site. If you access a third-party website mentioned in this guide, then you do so at your own risk. Macromedia provides these links only as a convenience, and the inclusion of the link does not imply that Macromedia endorses or accepts any responsibility for the content on those third-party sites. Copyright Notice Copyright © 2004 Macromedia, Inc. All rights reserved. This manual may not be copied, photocopied, reproduced, translated, or converted to any electronic or machine-readable form in whole or in part without prior written approval of Macromedia, Inc. Acknowledgments Director: Erick Vera Project Management: Stephanie Gowin Writing: Bob Benedict Editing: Noreen Maher Production and Editing Management: Patrice O'Neill Production: Adam Barnett First Edition: May 2004 Macromedia, Inc. 600 Townsend St. San Francisco, CA 94103 CONTENTS Breeze Deployment Guide ............................................. 5 About Breeze technology . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Launching a meeting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 Common configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Additional configuration guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Firewalls and proxy servers . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Learning management system (LMS)/Aviation Industry CBT Committee (AICC) communication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9 SSL Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 Planning your deployment summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10 3 4 Contents Breeze Deployment Guide Breeze Deployment Guide is a supplement to Breeze Installation Guide. This deployment guide offers additional information about installation configurations, and firewalls and proxies, as well as guidelines for successful deployment. About Breeze technology A Macromedia Breeze installation includes components that interact to form a total solution. End users log in, enroll in courses, view reports, and complete additional basic functions using a webbased application that runs in a browser. End users can also participate in meetings using a Macromedia Flash Player based application. The web application interacts primarily with Breeze Presentation and Breeze Training server components. When a user launches a meeting, the Flash Player application interacts primarily with the Breeze Live server, although there is still some interaction with the Breeze Presentation and Breeze Training server as well. The following figure illustrates the primary components of the system and how these components interact: 5 For two computers to communicate over the Internet, the client computer must have the IP address of the server computer. Typically, the client uses a domain name such as www.mycompany.com, and a name server translates the IP address of the server. To send information to a specific application running on the server, the client must also know the port for that application. For example, most web servers listen to port 80. Servers typically run a few applications, such as a web server, a mail server, and an FTP server, and each one of these applications owns or listens to a specific port. Launching a meeting You can trace the order in which components perform when users launch a meeting to help you understand the primary system components. The following example illustrates the typical order in which Breeze uses components to place users successfully in a meeting: 1. The web browser collects the login credentials and communicates the credentials to the Breeze server. 2. The Breeze Presentation and Breeze Training server accepts the login credentials and validates the user. 3. The Breeze Presentation and Breeze Training server creates a session and sends the home page information to the browser. Note: Some users might not see the home page if they received a meeting invitation directly. 4. In the web browser, the user sees the meeting on the home page and clicks the link (and consequently the meeting launch button) to launch the meeting. 5. In Flash Player, the meeting interface, implemented as a Flash application, opens. 6. In Flash Player, the Flash application initiates communication with both the Breeze Presentation and Breeze Training server and the Breeze Live server to participate in the meeting. 7. The Breeze Live server waits to initiate the meeting until the designated start time. (The meeting actually is ready to begin during earlier communication between the Breeze server and the Breeze Live server.) 8. The Breeze Live server handles most of the requests from Flash Player to display media, such as video and audio, and to conduct application sharing. 9. The Breeze Presentation and Breeze Training server interacts with Flash Player to provide meeting services, such as content display and views into the Content library. 6 Breeze Deployment Guide Common configurations The previous figure in this document illustrates a common configuration for enterprise customers. For small- to medium-sized customers with simple network configurations, installing all Breeze server components on a single server is a viable solution. As an alternative, consider using two separate servers, as the following figure shows: The Breeze Presentation and Breeze Training server is installed on one computer, and the Breeze Live server is installed on a different computer. This configuration separates users who view the content, courses, and reports from users who participate in meetings. This configuration reduces the load on a single server and can also solve issues related to networks and firewalls. Breeze Installation Guide discusses several common configurations and the following additional configurations: Clustering Breeze Presentation and Breeze Training servers Creating a cluster of servers lets you distribute end-user traffic across multiple servers. Use this configuration if you have many users and are concerned about the load on a single server, or when you want to have more than one server as a redundant system, in case a single server experiences hardware failure. Clustering Breeze Live servers You can also create a cluster of Breeze Live servers to distribute end-user traffic across multiple servers. Use this configuration if you have many users and are concerned about the load on a single server. Breeze Live has many features that produce high loads, such as support for audio, video, and sharing applications. Separating Breeze Presentation and Breeze Training databases You may install the Breeze database on a separate server from the application. Doing so lets you create more stringent backup and redundancy procedures for the database itself, separate from the application. Breeze currently supports Microsoft SQL Server 2000, which must be installed on the database server. Common configurations 7 Additional configuration guidelines The following are additional guidelines to help you set up your network and Domain Name Service (DNS): Static IP addressees Breeze does not support static IP addresses to access the server. Many websites and systems let you access their content by entering either a URL, such as www.search.com, or an IP address, such as 66.252.27.402. You must set up a domain name for your Breeze server and map that to the proper IP address using either a DNS server or a .hosts file. Two server configurations and ports If you install Breeze Presentation and Breeze Training modules on one server, and Breeze Live on another, configure Breeze Live to use port 80. Although Breeze Live can use port 80 or port 1935, port 80 is better known and the system encounters fewer issues, such as with firewalls and networks. Firewalls and proxy servers Firewalls and proxy servers can cause problems for a single-server Breeze configuration. The Breeze Presentation and Breeze Training server uses port 80 by default, which most firewalls and proxy servers allow. Breeze Live uses port 1935 by default, and reverts to port 443 if port 1935 is not successful. These two ports are not as common to firewalls and proxy servers; if necessary, Breeze Live attempts to use port 80 to interact with the end-user's computer if ports 1935 and 443 aren't available. 8 Breeze Deployment Guide A conflict arises when you install all Breeze components on the same server with a firewall or proxy server. The Breeze Presentation and Breeze Training server uses port 80, and Breeze Live also uses port 80 if ports 1935 and 443 do not work. You then have two applications running on the same server with the same IP address using the same port. The following figure illustrates this: Traffic coming into the server for port 80 only goes to one of the two applications; the traffic might go to the wrong application. One solution is to install the two server applications on two separate computers, ensuring that they have their own IP addresses. Another solution is to update your firewall or proxy server to support two different ports on the same computer: using port 1935 for Breeze Live, for example. Several TechNotes at www.macromedia.com offer instructions about configuring a Breeze Live server. (Search for Flash Communication Server topics. Flash Communication Server powers Breeze Live.) Learning management system (LMS)/Aviation Industry CBT Committee (AICC) communication If you use a proxy server or firewall, keep in mind during installation that the AICC e-learning standard requires content to send data back to the learning management system using HTTP to track user results. If you use Breeze and the AICC option for LMS, and your users are outside of your firewall, you must make sure that your firewall accepts incoming HTTP requests to capture learner results. AICC standards define this communication strategy. Firewalls and proxy servers 9 SSL Support Breeze requires an SSL accelerator to support encrypted communication over the Internet. You can use a hardware solution, such as F5 BigIP SSL accelerator, to improve results. Macromedia recommends using hardware solutions, due to the high bandwidth requirements of streaming media. Macromedia does not recommend using software SSL solutions. The Internet uses well-known ports for nonencrypted HTTP-based web traffic and encrypted HTTPS-based web traffic. Nonencrypted traffic generally goes to port 80, and encrypted traffic generally goes to port 443. SSL accelerators work by intercepting traffic on port 443, decrypting the information, and sending it on to the server through port 80. There is no indication to the server that the original data was encrypted. When you set up your SSL solution with Breeze however, you must still send the decrypted traffic to Breeze on port 443, even though it is already decrypted and could, in theory, go to a nonencrypted port. The problem is, the Breeze server generates specific URLs to allow users to go directly to meetings and courses. If you are running an SSL accelerator, these URLs must begin with https instead of http (the "s" in HTTPS indi ...