MetaData - Retrieve
From All n One's bxp software Wixi
Contents
1 Overview
Overview | Retrieve | Input | Process | Output |
---|---|---|---|---|
Link | Link | Link | Link | Link |
Retrieving data from various sources is the first step in a MetaData process. There are various options to how data can be brought into bxp. This article discusses the various options and approaches used.
2 Push or Pull
The first decision on the data is whether a primary approach of push or pull is going to be used.
- Pull: bxp must go into another system and pull out the data
- Push: An external system pushes the data into bxp
There are different times where these approaches are appropriate. The primary deciding factor is the considerations of associated security.
If security of the remote client is paramount, all solutions suggested will tend to be Push. This allows the client to dictate the hows and when bxp gets the data.
2.1 Pull
2.1.1 Primary security considerations - Connectivity
There are different levels of encryption and security considered when considering the Push or Pull.
If the client is comfortable with their security measures, bxp can log in to retrieve data. This is usually through one of three methods.
- SFTP file retrieval
- Email attachment retrieval
- API interaction
Where API interaction is required, the API documentation is supplied by the client and a connector is appropriately built. SOAP, XML, JSON, RESTful, etc are all supported. For security, current client integration examples are not listed here.
bxp to retain its high availability does not VPN into client infrastructures. VPN connections and their maintenance across the nTier of our web platform is unsustainable and can be easily replaced with PUSH sFTP solutions. Which All n One can provide support on.
2.1.2 Primary security considerations - Content Encryption
The next consideration is to what level is the data encrypted. Numerous options exist with the most common being AES256 encryption on zip files being transferred. Solutions also exist for PGP based encryption approaches. A case by case review is adopted to facilitate client capabilities and requirements.
2.2 Push
This is more generally used when security and automation capability is not yet at an automated enough level. bxp provides a number of mechanisms for data to be pushed into it.
- bxp API: An API for direct data injection Scenario_-_bxp_as_a_secure_Website_Data_Store
- sFTP: bxp can provide clients with an on demand sFTP account structure.
- The primary bxp interface: Over HTTPS a user can upload files into a bxp system
- All n One email account: All n One can provide an @allnone.ie email address external to the clients environment which bxp can retrieve emails and attachments from
Once the files are within bxp, again decryption of encrypted content can be performed.
3 VPN
A Virtual Private Network, creates a bubble which extends the security of your internal network out and around another machine on another network.
VPNs are a massive security consideration. They also offer allow a number of capabilities not possible with other solutions. Consider two networks.
The base interactions described above are tried, tested, secured and checked protocols for interaction. So the security tends to interact at the edge points.
In a VPN scenario, a machine, or even an entire network enters a security bubble
A VPN is a two way street. If the machine enters a network, machines on that network can chat. For this reason it is not possible to put a production web server of bxp into another clients network for security reasons. Instead a staging / intermediate server is required, controlled and security audited.
Now the files can be retrieved from the VPN and then presented securely to bxp through one of the secured interfaces.
4 Audit-ability
The primary concern for any security department is to be able to audit any process especially in the transfer of data. Numerous auditing reports and details are supported Bxp_-_Audit_Logs
5 Conclusion
All n One can facilitate a variety of retrieval and encryption approaches. The primary question becomes what is the most economic and practical approach to data transfer. This will depend primarily on the client capability and maturity. All n One's development teams would be delighted to discuss how we can help you securely get your data into bxp. Contact us on support@bxpsoftware.com to see how we can help you get your data into bxp.