Configuring Agents

Agents are computers on which the Signiant Agent software is installed. One of the Agents in your data transfer system is the Manager. As part of the Agent installation, the Certificate Authority running on the Manager signs an Agent's security certificate, allowing the Agent to take part in mutually-authenticated transfers.

Architecture

The Manager supports communication with distributed Agents. These Agents are known by their hostname but can use multiple names if they are aliased or in a clustered or multi-Manager configuration.

Agent Architecture Diagram

Installing and Upgrading Agents

For detailed installation and upgrade procedures, see Installing Agents.

Best practices for Configuring and Managing Agents

  • Group Agents by physical location or computing function (e.g. NewYorkAgents, TranscodeAgents) and place access controls on the Agent groups you create so that specific users can perform the required tasks.
  • If you are implementing Business-to-Business (B2B) transfers, familiarize yourself with remote access permissions. Investigate using the event broker to allow your B2B partners to monitor transfers on your Agents, if needed.
  • If you have traffic going outside your firewall or Network Address Translations (NAT), familiarize yourself with relays.

Adding and Editing Agent Configuration

You can edit Agent settings from the Agents List. The same settings can be applied to multiple Agents at once by selecting the Agents to edit and clicking Edit Multiple.

To add or edit an Agent:

  1. Navigate to Administration > Agents > List.
  2. Click Add or select an Agent and click Edit.
  3. Configure Agent settings on the available tabs.

General

  • Identification
    Specify the Agent name and an optional description. Select the platform and organizations if required. The tab also displays the CA address used by the Manager, and its version and build number.
  • Address
    Specify the Agent's physical address.
  • Location
    The Location tab displays a world map indicating the location of Agents. In order to have Agents appear in the Agent Status dashboard widget, you must configure the Agent's location. Click on the region of the map where the Agent is located to make a flashing Agent icon appear. To change the location of the Agent, click elsewhere on the map, or click Clear Location and choose a new region. For additional information about the Agent Status map, see Using the Dashboard.
  • Contact
    Specify the contact information associated with the Agent.
  • Environment
    Define the default transfer directory, the administrators responsible for the Agent, and its default user. Select the number of days that logs are retained. If set to zero, logs are not deleted. The Environment tab also displays the Install and Log Directories.
    Note: Retaining logs indefinitely will impact performance.

Groups

Add or remove an Agent from an Agent Group.

Permissions

Control user and group access to management objects. For information on enabling permissions, see Understanding Users.

Remote Access

Access rights enable communication between the Manager and the primary Agent, and between the primary Agent and secondary Agents. See Enabling Remote Access.

Network

On the Network tab, you can define preferences such as protocol relays, source/destination port ranges, and tunnels to assist with firewall traversal. See Configuring Agent Network Settings.

Replication

When the Replicating Agent license is installed, the Replication tab is displayed. This tab allows you to specify a load balanced group of Agents to which transfers from the selected Agent will be replicated.

Note: All Agents in the replication group must have the same operating system.

To configure replication, select Enable Replication and move the Agent into the Load Balanced Replication Targets column.

Note: You can configure replication for multiple Agents in the Agents List. Select Add Relays, Tunnels and Replication Targets and the Relays tab.

Trusted CA

You can add or remove CA certificates associated with the trusted Manager. You cannot remove the trust from the primary Manager.

Add or delete a Manager's trust by selecting the appropriate Manager and clicking Add or Delete.

Web Transfer API

If you are licensed to use the Web Transfer API, you can configure the Agent as a TAPI-enabled server. This allows the Agent to send and receive data to and from Web Transfer API clients.

To configure an Agent as a Web Transfer API enabled server:

  1. Select Enable Web Transfer API.
  2. Set the number of Concurrent Transfers the Agent can perform.

    • This value can be the number of remaining licenses up to a maximum of 10 per Web Transfer API enabled Agent.
  3. Set the Authentication method:

    • Local authentication uses a local server to check credentials, and provides file access according to the local user's local file access rights. All uploads are owned by the local user.
    • Signiant authentication uses Signiant's web service to authorize any transfer requests that include a user ID and password for the Manager application. The web service adds Web Transfer API statistics to the database. You must choose this value in order to be able to view job information on the activity screen.
    • SOAP authentication uses a custom web service to authenticate transfers.

    Note: Transfers authenticated by Signiant or SOAP are performed as the Agent default user and restricted to the Agent default directory under a specific sub-directory for that user.

  4. Set the URLs and Namespace for your Web Transfer API servers.
  5. Set the Agent's Process Event permissions:

    • Begin File: Whether the file be uploaded or downloaded by the Agent.
    • Rename File: Whether the Agent renames files on the server.
    • End File: Whether the Agent able to determine if an individual file is transferred.
    • Disconnect: Tells the Agent the transfer is complete.

To enable object storage for the Web Transfer API:

  1. Click Enable Object Storage.
  2. Enter Storage Server and Bucket details.
  3. Enter SubFolder information.
  4. Select a Bucket Access Style:

    • Virtual Host Style
    • Path Style
  5. Enter the Access Key and Secret Key, as appropriate.

Object Storage

Object Storage is only available for Red Hat/CentOS and macOS Agents. To use Agent object storage, click Enable S3 Compatible Object Storage. The number of available licenses is displayed and deprecates accordingly.

Transfers can only be accelerated with Flight Gateway if the object storage is AWS or Azure. To configure the Agent for Flight Gateway, click Enable Flight Gateway and enter your server details.

Trace

The Signiant Process Controller is a Linux server daemon or Windows service running on all hosts that participate in data transfers. It is responsible for connection security, i.e. authentication, authorization, data integrity, and encryption, and launching Agents to perform the data transfers. The Process Controller listens for connections and instructions, and must be running at all times in order for data transfers between Agents to occur. Turning on Process Controller Trace provides debugging functionality for each process started by the process controller.

Note: Turn on tracing under the direction of Signiant Support.

To configure trace specifications:

  1. On the Trace tab, enable Enable Process Controller Trace.
  2. Select the transfer components for which you want to produce trace logs. Choose from:

    • File Transfers
    • Object Transfers
    • Remote Commands
    • Process Transfers
    • Streaming Transfers
    • HTTPServer
    • SSL Interface
  3. Select the type of trace information you want to see. Choose from:

    • WAN Acceleration
    • SSL I/O* Sockets
    • Locking
  4. Click Apply.