General:

  1. All data from Siemplify to Publisher and to the agent is encrypted.
  2. Data is signed by the agent.
  3. All agents have a unique app key, and the Publisher has a whitelist of agents that can communicate with it. No other agent can communicate with the Publisher.
  4. All communication is one-sided. Siemplify and the Agents have no entry port, so the Publisher cannot initiate communication; it responds only when polled by either Siemplify or an Agent.
  5. All data is deleted from agent publisher after a configurable period of time (3 days by default).
  6. Customers are advised to protect the publisher as they protect any other web server.
  7. Penetration testing has been performed on both the Publisher and the Agent.

Collecting tasks from an agent:

  1. Siemplify server publishes remote tasks and pushes them to the publisher.
  2. Agent polls for new tasks and collects the new task from the publisher.
  3. The new task’s data is collected by the agent and pushed to the publisher.
  4. Siemplify server polls the publisher for new data and pulls the new task data to Siemplify.

Encryption flow:

A symmetric key is generated for each job.
Siemplify holds the private key and the Agent holds the public key. The Publisher has no key and only transforms encrypted data.

Jobs polling:
The Remote Agent performs polling every 5 seconds (to get all pending jobs).
The job details are removed after execution.
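
The Publisher's role as described above (agent allowlist, poll-only access, opaque encrypted data, timed deletion) can be modelled as follows. This is an added illustration, not Siemplify's code: the `Publisher` class, its method names, the in-memory store, and the `now` parameter are assumptions, and tasks are dropped on collection as a simplification of "removed after execution".

```python
import hmac
import time

RETENTION_SECONDS = 3 * 24 * 3600  # the page's default retention: 3 days


class Publisher:
    """Hypothetical passive relay: stores opaque ciphertext, holds no key."""

    def __init__(self, allowed_app_keys, retention=RETENTION_SECONDS):
        self._allowed = [k.encode() for k in allowed_app_keys]
        self._retention = retention
        self._tasks = {}  # app_key -> list of (stored_at, ciphertext)

    def _is_allowed(self, app_key):
        # Compare against every allowlisted key in constant time so the
        # check does not leak which key (or prefix) matched.
        candidate = app_key.encode()
        ok = False
        for known in self._allowed:
            ok |= hmac.compare_digest(candidate, known)
        return ok

    def _purge(self, now):
        # Drop anything older than the retention period.
        for key in list(self._tasks):
            self._tasks[key] = [(t, c) for t, c in self._tasks[key]
                                if now - t < self._retention]

    def push_task(self, app_key, ciphertext, now=None):
        """Server side pushes an encrypted task addressed to one agent."""
        now = time.time() if now is None else now
        if not self._is_allowed(app_key):
            raise PermissionError("target agent is not on the allowlist")
        self._tasks.setdefault(app_key, []).append((now, bytes(ciphertext)))

    def poll_tasks(self, app_key, now=None):
        """Agent polls; the Publisher never connects out to the agent."""
        now = time.time() if now is None else now
        if not self._is_allowed(app_key):
            raise PermissionError("unknown agent")
        self._purge(now)
        # Hand over pending blobs unchanged and forget them.
        return [c for _, c in self._tasks.pop(app_key, [])]
```
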
