Advanced Endpoint Settings

The Advanced Endpoint Options are available for Jet customers with an Enterprise level subscription. When adding an endpoint you have the option to use a relay server to pass through a corporate firewall, and to configure a server to restrict an endpoint to outbound connections, providing greater network security when transferring between partner organizations.

Relays

When sending and receiving content, your organization may use a firewall to protect internal servers, while allowing outgoing network traffic via a perimeter network. Signiant Jet allows you to deploy an SDCX Server in a perimeter network that securely connects to an internal SDCX Server to establish a relay. By using a relay, your organization can send and receive content using Jet without exposing internal servers to outside traffic.

Note: Relays are supported on Signiant SDCX Server 4.3.0 or higher.

Establishing a Relay

Before you can establish a relay, you must deploy SDCX Servers to your internal and perimeter network, allowing both the internal and relay SDCX Servers to communicate to Signiant Cloud Services on TCP 443.

For more information about configuring firewall rules, see the System Requirements.

Relay to Storage (On-Premises or Cloud)

When sending and receiving content directly to and from a storage endpoint or cloud storage, the relay must have access to the ports specified in the SDCX Server network requirements.

On-Premises Storage

Jet network architecture with a relay at the one endpoint - on premises

Cloud Storage

Jet network architecture with a relay at the source endpoint - cloud storage

Relay to Relay

When sending and receiving content between partner organizations with perimeter networks, both organizations transfer content through their respective perimeter networks using SDCX Servers acting as relays.

Jet network architecture diagram with a relay at both endpoints

Assigning a Relay

To assign a relay server to an endpoint:

  1. When adding an endpoint, select an SDCX Server.
  2. In the Advanced Settings step, select an SDCX Server (Relay) from the drop-down menu.
  3. Click Add to finish adding the endpoint.

Relay Details

Once an endpoint is created, view its details in the side panel of the Endpoint Details page.

An endpoint with its relay details exposed in the technical details section of the endpoint details page

Restricting an Endpoint to Outbound Only Connections

Outbound only connections allow you to configure your firewall rules for a destination endpoint to only permit outbound traffic from a secure network, while still allowing the server to receive files as part of a job.

Note: Outbound only connections are supported on Signiant SDCX Server 4.4.0 or higher.

Outbound only endpoints use reflexive firewall rules to establish a secure connection to the source endpoint, instead of a source endpoint establishing the connection for the transfer.

To restrict an endpoint to outbound only connections:

  1. When adding an endpoint, select an SDCX Server.
  2. In the Advanced Settings step, enable Restrict to outbound connections.

Click the checkbox to restrict an endpoint outbound only connections

  1. Click Add to finish adding the endpoint.

Once you have restricted an endpoint to outbound only connections, you can block access to the following inbound ports on the SDCX server:

  • 49221 TCP
  • 50221 TCP
  • 49221-49421 UDP

Note: Transfers must include at least one endpoint that allows inbound traffic.

Was this page helpful?
About SigniantSigniant’s intelligent file movement software helps the world’s top content creators and distributors ensure fast, secure delivery of large files over public and private networks. Built on Signiant’s patented technology, the company’s on-premises software and SaaS solutions move petabytes of high-value data every day between users, applications and systems with proven ease.LEARN MORE