- All data from Siemplify to Publisher and to the agent is encrypted:
- Data is signed by the agent
- All agents have a unique app key, and the Publisher has a whitelist of agents that can communicate with it. No other agent can communicate with the Publisher.
- All communication is one-sided. Siemplify and Agents have no entry port so the publisher cannot initiate communication unless it was polled by either Siemplify or an Agent.
- All data is deleted from agent publisher after a configurable period of time (3 days by default).
- Customers are advised to protect the publisher as they protect any other web server.
Collecting jobs from an agent:
- Siemplify server publishes remote jobs and pushes it to the publisher.
- Agent polls for new jobs and collects the new job from the publisher.
- The new job’s data is collected by the agent and pushed to the publisher.
- Siemplify server polls the publisher for new data and pulls the new job data to Siemplify.
The symmetric key is generated for each job.
Siemplify holds the private key and the Agent holds the public key. The Publisher has no key and only transforms encrypted data.
The Remote Agent performs polling every 5 seconds (to get all pending jobs).
The job details are removed after execution.