Services on

Amazon S3 Out-of-Band Service

Mon, 01 Jan 0001 00:00:00 +0000

The fields for the Amazon S3 Gateway service are as seen in the following figure.

The following table describes the additional fields relevant for the Amazon S3 Gateway service.

Field	Sub-Field	Description	Notes
Object Mapping		List of source and target objects that the service will use.
	Source	Bucket path where data that needs to be protected is stored. For example, `john.doe/incoming`.	The DSG supports four levels of nested folders in an Amazon S3 bucket.
	Target	Bucket path where protected data is stored. For example, `john.doe/outgoing` .
Streaming		List of file processing delimiters to process file using streaming.Note: The Text, CSV, and Binary payloads are supported. If you want to use XML/JSON payload with HTTP streaming, ensure you use the Text payload for extract rule.
	Filename	Regular Expression to look for in the file’s name and path before applying streaming (e.g. \.csv$)
	Delimiter	Regular Expression used to delimit stream. Rules will be invoked on delimited streams.	If the delimiter value is not matched, then the data will be processed in non-streaming mode.

The options for the Outbound Transport Settings field in the Amazon S3 Gateway are described in the following table.

Mounted File System Out-of-Band Service

Mon, 01 Jan 0001 00:00:00 +0000

The additional fields for the mounted file system service are as seen in the following figure.

The following table describes the additional fields relevant for the Mounted File System service.

Field	Sub-Field	Description	Notes
File Mapping		List of source and target files that the service will process.
	Source	Regex logic that includes the source path where data that needs to be protected is stored along with the filter to identify specific files. For example, if you set `(.\/)input\/(.)` as the value, all the files in the input folder will be selected for processing.	Click Test Regex to verify if the regex expression is valid.
	Target	Regex logic that includes the target path where processed data is stored along with other identifiers, such as appending additional tag.For example, if you set `\1output/\2.processed` as the value, the processed files will move to the I`/output` folder with `.processed` appended to them.Click Test Regex to verify if the regex expression is valid.
Streaming		Enabling streaming lets you process a payload in smaller chunks that are broken based on delimiters defined and processed as they are chunked. Using streaming, you no longer must wait for the entire payload to process, and then transmitted. List of file processing delimiters to process file using streaming.	The Text, CSV, and Binary payloads are supported. If you want to use XML/JSON payload with streaming, ensure you use the Text payload for extract rule.
	File Key	Regular Expression to look for in the payload before applying streaming (e.g. \.csv$). Streaming is applied only to requests where File Key matches the regex pattern.	Click Test Regex to verify if the regex expression is valid.
	Delimiter	Regular Expression used to delimit stream. Rules will be invoked on delimited streams.	Click Test Regex to verify if the regex expression is valid. If the delimiter value is not matched, then the data will be processed in non-streaming mode.
Error Metrics Logging		Log the metrics for error, such as total number of errors, error offset, reason for the error, and so on.	.
	Enabled	Enable or disable error metrics to be logged in the log file.
	Log level	Warning Information Verbose

The following example snippet describes the format for the Outbound Transport Settings field for NFS service:

REST API Service

Mon, 01 Jan 0001 00:00:00 +0000

The fields for the REST API service are as seen in the following figure.

The following table describes the additional fields for the REST API Gateway service.

Field	Sub-Field	Description	Default (if any)	Notes
Dynamic Learn Mode Header		The header that will be used to send a request to enable the learn mode for a particular URI.
Dynamic Streaming Configuration*		HTTP header that will be used to send a request.
Streaming		Enabling streaming lets you process a payload in smaller chunks that are broken based on delimiters defined and processed as they are chunked. Using streaming, you no longer must wait for the entire payload to process, and then transmitted. The chunk size must be entered in bytes.List of file processing delimiters to process file using streaming.	Chunk size - 65536	The Text, CSV, and Binary payloads are supported. If you want to use XML/JSON payload with streaming, ensure you use the Text payload for extract rule.
Authentication Cache Timeout		Define the amount of time for which the username and password in the REST request is stored in cache.	900 seconds
Asynchronous Client Configuration		If streaming is enabled and you plan to use an asynchronous HTTP client, then these settings must be configured. The DSG is optimized to handle asynchronous requests.		This parameter is applicable only with REST streaming.
	HTTP Async Client Enabled	Select to enable when HTTP asynchronous client will send a request to DSG.	False	The HTTP Async Client Header Name header must be sent as part of the HTTP request for DSG to understand that the incoming requests are sent from an asynchronous client. If the header is not sent as part of the request, then the DSG assumes that the request is sent from a synchronous client. This parameter is applicable only with REST streaming.
	HTTP Async Client Header Name	Provide the header name that must be set in an HTTP request in the client such that DSG understands that the request is sent from an asynchronous HTTP client. For example, if the header name is set to X-Protegrity-Async-Client in the service, then when a request is sent to the DSG, the header value must be set to either ‘yes’, ’true’, or ‘1’.		This parameter is applicable only with REST streaming.
Error Metrics Logging		Log the metrics for error, such as total number of errors, error offset, reason for the error, and so on.	.
	Enabled	Enable or disable error metrics to be logged in the log file.
	Log level	Warning Information Verbose		Ensure that the log level you select is the same or part of a higher log subset that you defined in the gateway log level.
	Error	Set one HTTP status code for the errors that may occur in the file while processing it. Select from the following HTTP status codes: 200 OK 201 Created 202 Accepted 203 Non-Authoritative Information 205 Reset Content 206 Partial Content 400 Bad Request 401 Unauthorized 403 Forbidden 422 Unprocessable Entity 500 Internal Server Error 503 Service Unavailable

* -The dynamic streaming configuration can be explained as follows:

Secure Web socket (WSS)

Mon, 01 Jan 0001 00:00:00 +0000

In the DSG, the WSS service can be used by configuring the HTTP Tunnel. The WSS service is designed for listening to traffic on HTTP and HTTPS ports 80 and 443 respectively.

Caution: In this release, the DSG uses the WSS service to pass through data as-is without performing any data protection operation such as protect, unprotect, and reprotect. You cannot invoke any child rules using the WSS service.

The fields for the WSS Gateway service are as seen in the following figure.

SFTP Gateway Service

Mon, 01 Jan 0001 00:00:00 +0000

The SFTP Gateway service can be implemented with either Password authentication or Public Key exchange authentication.

The fields for the SFTP Gateway service are as seen in the following figure.

The additional fields for the SFTP Gateway service when authentication method is Public Key are as seen in the following figure.

Before you begin

Ensure that the following pre-requisites are complete before you start using the SFTP gateway with Public Key authentication method.

SMTP Gateway Service

Mon, 01 Jan 0001 00:00:00 +0000

The SMTP Gateway service provides options that must be configured to define the level of extraction that must be performed on the incoming requests on the DSG. Based on the requirements, data security operations are performed on the extracted sensitive data.

The fields for the SMTP Gateway service are as shown in the following figure.

The following table describes the additional fields for the SMTP Gateway service.