Trusted Agents Components
The following table describes the key components that participate in Trusted Agents scenarios.
| Component | Definition |
|---|---|
| Private CSM Network | The network in which CSM servers are running. This network is separate from the network in which one or more Private Resources reside, so Trusted Agents are required for communication with those Private Resources. |
| Private Customer Network | A network that contains one or more Private Resources, such as an LDAP directory and/or a relational database, that need to be accessed by CSM but which are separated from CSM by one or more network security boundaries. |
| Private Resource | A server, service, or data source that is not directly accessible to CSM servers because of one or more network security boundaries. A typical scenario is to have one or more private resources within a private customer network while CSM is hosted outside of the customer network. |
| Redis Cache | A Redis database used to enable scale-out of Trusted Agents Hubs. |
| Trusted Agent | A software component that acts as a proxy
for communication between a Trusted Agents Hub and one or more Private
Resources of a given type. Each Trusted Agent can handle communication with one
type of Private Resource, but it can handle communication with more than one
instance of that Private Resource type.
For example, a Trusted Agent for External Data can connect to any number of databases as long as those databases are accessible to the Trusted Agent. Similarly, a Trusted Agent for LDAP can connect to any number of LDAP directories as long as those directories are accessible to the Trusted Agent. Each Trusted Agent is hosted within a Trusted Agents Service. |
| Trusted Agents Hub | A CSM software component that runs within a
CSM Browser Client web application and acts as the central point of
communication for all Trusted Agent interactions. Trusted Agents connect to a
Trusted Agents Hub at startup, and CSM servers communicate to Trusted Agents by
sending requests to the Trusted Agents Hub, which selects the Trusted Agent to
receive each request.
Trusted Agents Hubs may be scaled out using Redis just as CSM Browser Client can be scaled out. |
| Trusted Agents Service Group | A configurable set of Trusted Agent Services that can be created in CSM Administrator and selected when configuring Trusted Agent usage for external data sources, LDAP directories, and Windows Domains. Trusted Agents Groups are used to route requests to only specific Trusted Agent Services. If no groups are configured, all Trusted Agent Services are assumed to be capable of performing all Trusted Agent operations. |
| Trusted Agents Server | The physical or virtual machine that hosts a Trusted Agents Service and is collocated on a private network with the Private Resource(s) that should be accessible to CSM servers. A Trusted Agents Server can host only one Trusted Agents Service, but multiple Trusted Agents Servers can be used to support request routing and fault tolerance. |
| Trusted Agents Service | A Windows service that hosts Trusted Agents. Each Trusted Agents Service hosts three Trusted Agents: one for External Data, one for LDAP, and one for Windows Domains. |