Services

DSG supports multiple protocols that are defined as services in the Ruleset hierarchy.

In DSG, the following service types are available:

  • REST API Service: DSG acts as a REST API Server, protecting or unprotecting application in a trusted domain.

  • Gateway Service: DSG acts as a gateway to protect sensitive information before it reaches an untrusted domain. The following are the different gateway services:

    • REST API
    • HTTP
    • WebSocket Secure (WSS)
    • SMTP
    • SFTP
    • Amazon s3
    • Mounted File System

Gateway service fields

The following figure illustrates all the common fields for the available service types.

Gateway Service Fields

The following table describes all the common fields for the available Service Types.

FieldSub fieldDescriptionNotes
Service TypeSpecify the role of this service i.e. whether to act as REST API or act as a gateway for a specific protocol.
NameName for the Service.
DescriptionDescription for the Service.
EnabledEnable or disable the Service.
TunnelsList of tunnels lying below the service instance.
HostnamesList of hostname to forwarding address mappings
 HostnameHostname or the IP address for an inbound request received by the gateway.
 Forwarding AddressHostname or the IP address for an outbound request forwarded by the gateway.
Password MaskingList of parameters value to be masked before the output is sent to the log files.
 PatternRegular expression to find text to replace in the parameter.
 ResourceRegular expression to look for in the parameter before masking it.
 MaskThe replacement text which acts as a mask for the pattern.
Learn Mode SettingsFilters for capturing details to be presented in the learn mode.
 EnabledEnable or disable learn mode settings.
 Exclude ResourceValues in the field are excluded from the Learn Mode logging.
 Exclude Content TypeContent type specified in the field is excluded from the Learn Mode logging.
 Include ResourceValues in the field are included in the Learn Mode logging.
 Include Content-TypeContent type specified in the field is included in the Learn Mode logging.
Transaction Metrics LoggingDefine if you want to log detailed transaction metrics, such as, protect operation performed, length of the data, service used to perform protection, tunnel used, and so on.
 EnabledEnable or disable transaction metrics to be logged in the log file.
 Log LevelSelect from the following logging levels
  • Warning
  • Information
  • Verbose
Ensure that the log level you select is the same or part of a higher log subset that you defined in the gateway log level.
Transaction Metrics in HTTP Response Header  
 HTTP Response Header Reporting EnabledEnable or disable detailed transaction metrics such as, data security operation performed, length of the data, service used to perform protection, tunnel used, and so on in the HTTP Response Header.If the HTTP Response Header Reporting Enabled option is selected and streaming is enabled, the transaction metrics data will not be displayed in the HTTP Response Header.
 HTTP Response Header NameName of the HTTP Response Header carrying the transaction metrics data. The default value for this option is X-Protegrity-Transaction-Metrics. You can change the default value as per your requirements.The name of the HTTP Response Header must be defined with valid characters. An HTTP Response Header name defined with invalid characters is automatically modified to the default value X-Protegrity-Transaction-Metrics.

-The Transaction Metrics in HTTP Response Header option is only available for the REST API and HTTP services.


Amazon S3 gateway

About the S3 gateway fields.

Mount file system out-of-band service

About the mount file system fields.

REST API

About the REST fields

Secure Web socket (WSS)

The WSS protocol provides a bi-directional communication between a client and a server over a single established connection.

SFTP gateway

About the SFTP gateway fields.

SMTP gateway

About the SMTP gateway fields.