You can implement several different security server topologies.
The topology illustrated in Figure 1 shows a high-availability environment that includes two load-balanced security servers in a DMZ. The security servers communicate with two View Connection Server instances inside the internal network.
When users outside the corporate network connect to a security server, they must successfully authenticate before they can access remote desktops and applications. With appropriate firewall rules on both sides of the DMZ, this topology is suitable for accessing remote desktops and applications from client devices located on the Internet.
You can connect multiple security servers to each instance of View Connection Server. You can also combine a DMZ deployment with a standard deployment to offer access for internal users and external users.
The topology illustrated in Figure 2 shows an environment where four instances of View Connection Server act as one group. The instances in the internal network are dedicated to users of the internal network, and the instances in the external network are dedicated to users of the external network. If the View Connection Server instances paired with the security servers are enabled for RSA SecurID authentication, all external network users are required to authenticate by using RSA SecurID tokens.
You must implement a hardware or software load balancing solution if you install more than one security server. View Connection Server does not provide its own load balancing functionality. View Connection Server works with standard third-party load balancing solutions.