Splashtop Center is designed to be hosted inside the enterprise firewall to protect sensitive user information. Without complicating the existing network setup for security, here are a few common deployment approaches for on-premise hosting.
Splashtop Center deployment in the DMZ
It is recommended that Splashtop Center be installed on its own machine in your network DMZ.
As shown in the diagram above, deploying in the DMZ requires opening port 443 (by default it is 443, unless someone changes it) on the firewall to allow access to services via the Splashtop Center. The IT administrator needs to open port 443 and configure port forwarding for port 443 between public IP (Internet) and private IP (Intranet) in the firewall. All traffic between Internet client (mobile device) and Intranet Streamer communication and data transfer will be relayed by the on-premise Relay service of Splashtop Center.
Splashtop Center deployment in a private network
An alternative deployment option is placing Splashtop Center in the Intranet. This option is for companies who do not have DMZ. Splashtop Center can run in the Intranet and the IT administrator also needs to open port 443 and configure port forwarding for Splashtop Center in the firewall.