The RSOE runs on the same computer as an Unwired Server and is configured with the address of a Relay Server (the inner firewall is open to outgoing traffic, but not incoming traffic).
The RSOE connects to the Relay Server via HTTP or HTTPS and identifies itself through the Media Access Control (MAC) address, security token, and the back-end Sybase Unwired Platform farm it services. The Relay Server identifies the RSOE’s authenticity. If Relay Server accepts the RSOE’s identity, it sends RSOE a list of all other RSOEsin the Relay Server farm. The RSOE establishes a blocking GET HTTP request to eachfarm member. When a Relay Server receives a client request for a given Sybase Unwired Platform farm, it picks one of the available RSOE connections and sends the client request there.
In this way, the network administrator need not open inner firewall ports to allow connection requests into the intranet. All connection requests come from within the intranet. Avoiding firewall portholes protects the intranet from hackers who breach the outer firewall.
This network traffic contains exactly the same content, and thus the same security concerns as network communication between the device application or database and the Relay Server.