Delegating network requests
|Top Previous Next|
You can optionally delegate network requests from JSCAPE MFT Gateway Server to one or more registered instances of JSCAPE MFT Gateway Agent. This option is used primarily in environments where inbound network connections from the DMZ to the internal network are prohibited due to network security or regulatory compliance requirements. A visual and description of the network communication flows between client, JSCAPE MFT Gateway Server, JSCAPE MFT Gateway Agent and target server are provided in Figure 51 below.
Here is an overview of what needs to be done in order to delegate network requests.
1. Reverse proxy service is created in JSCAPE MFT Gateway Server with Delegate connections to available agents option enabled.
2. Agent login username is added in the Agents module of JSCAPE MFT Gateway Server. See Adding agents for details.
3. Control channel is enabled in JSCAPE MFT Gateway Server. See Control channel settings for details.
4. JSCAPE MFT Gateway Agent software is installed one one or more machines in private network.
5. Client establishes connection to service port in JSCAPE MFT Gateway Server e.g. for FTP this may be port 21.
6. JSCAPE MFT Gateway Server recognizes that this reverse proxy service has Delegate connections to available agents option enabled and assigns request to an available agent (using round-robin algorithm if more than one agent is available).
7. JSCAPE MFT Gateway Server then instructs agent to establish connection to target server and creates a tunnel between client, JSCAPE MFT Gateway Server, JSCAPE MFT Gateway Agent and target server/port.