Copyright © TIBCO Software Inc. All Rights Reserved


Chapter 2 TIBCO BusinessConnect Architecture : Interior Server and Gateway Server Architecture

Interior Server and Gateway Server Architecture
TIBCO BusinessConnect Interior Server is the server on which TIBCO BusinessConnect is installed on top of the other required TIBCO software products: TIBCO Runtime Agent and TIBCO Administrator.
Multiple Interior Servers can work as a cluster to achieve load balancing and fault tolerance. For a list of all required TIBCO and other third-party software products, see TIBCO BusinessConnect Installation and Configuration, Installation Requirements.
TIBCO BusinessConnect Gateway Server is located in the demilitarized zone (DMZ), and functions as the front gate by receiving the inbound transactions from trading partners. It is installed on its own, and does not rely on TIBCO Runtime Agent or TIBCO Administrator. Multiple Gateway Servers can work together for load balancing.
Figure 4 depicts a diagram of the Gateway Server and Interior Server communications.
Figure 4 Gateway and Interior Server Communication
TIBCO BusinessConnect Interior Server
This server is located inside the company’s firewall and performs the following tasks:
TIBCO BusinessConnect Gateway Server
TIBCO BusinessConnect Gateway Server is located in the demilitarized zone (DMZ), and can have several restrictions on the networks it can access.
It is used to host various gateway services such as HTTP/S, FTP/S, SSHFTP, and so on, to receive B2B communications directly from the Internet with security features such as SSL and SSH. The firewall between the Gateway Server and the rest of your system protects against the threat of malicious communications.
TIBCO BusinessConnect Gateway Server is a standalone Java executable that is not dependent either on TIBCO ActiveMatrix BusinessWorks or on TIBCO Runtime Agent installation; however, it still needs TIBCO Enterprise Message Service to communicate with the Interior Server. The Gateway Server can host several components:
File Service   This server provides a central location on your network where you can store and share files.
HTTP Service   This server supports HTTP, HTTPS, and HTTPSCA transports for document exchange.
PartnerExpress Service   This server provides secure web-based access for trading partners, so that the external users associated with these trading partners can log in and perform simple file uploads and downloads.
FTP Service   With this server, the external users running an FTP Client can connect to the host site, and perform simple file uploading and downloading.
TCM Service   This server provides a web browser interface for trading partners to manage their exchange profiles, and assists the trading host in serving the partners in the trading community. All services are provided through a browser-based interface that allows partners to self-register, modify their profiles, and receive alerts about security and transport updates.
SSHFTP Service   With this server, the external users running an SSHFTP Client can connect to the host site, and perform simple file uploading and downloading.
Interior and Gateway Server Communication
Three types of communication are used between the Gateway and Interior Servers: JMX, DMZ Data Transfer Protocol (DDTP), and TIBCO Enterprise Message Service.
JMX Communication
The management of the Gateway Server is performed by using the JMX management protocol.
On the Gateway Server side, the JMX management port is opened for receiving management instructions from either TIBCO Administrator or TIBCO BusinessConnect Interior Servers. The JMX management port is configurable in TIBCO Administrator when you create the Gateway Server token; the default value is 11000.
JMX communication is used between TIBCO Administrator and the Gateway Servers. When a Gateway Server is started for the first time, an empty service container is started without any gateway services running on it. From the TIBCO Administrator GUI, you can remotely assign Gateway service instances (such as HTTP, FILE, SSHFTP, FTPS, FTP, TCM, and PX) to each Gateway Server and start them. Therefore, you do not have to physically access the Gateway Server machines located in the DMZ.
JMX communication is also used between the Interior Servers and Gateway Servers. When an empty Gateway Server container is started, it first publishes a TIBCO Enterprise Message Service message with information about its JMX management port. The Interior Servers listen for the message, and then the JMX communication is established. Examples of Gateway Server management by Interior Servers include monitoring the Gateway Servers' heartbeats and automatically restarting Gateway service instances, such as SFTP, FTPS, HTTPS, and so on, when a Gateway Server is restarted.
DDTP
DDTP is designed for transferring large messages between Gateway Servers and Interior Servers.
Each gateway service (such as HTTPS, PX, FTPS, and so on) has a Data Streaming Threshold field in its transport configuration. When the inbound message size exceeds this value, the message data is transferred by using the DDTP transport rather than the TIBCO Enterprise Message Service transport.
The DDTP port is opened on the Gateway Server side and waits for connections from Interior Servers. When a large message arrives from a trading partner, the Gateway Server publishes TIBCO Enterprise Message Service messages to the Interior Servers, with information about the message identification and the DDTP port on which the Gateway Server is waiting for connections. The Interior Server that receives these messages initiates a DDTP connection to the Gateway Server and brings back the large message data. By using DDTP, the data is transferred from the DMZ to the interior network in a secure way, without having to open a port on the interior network.
The DDTP port, also called Data Port, is also configurable in TIBCO Administrator when you create a Gateway Server token. The default value is 12000.
TIBCO Enterprise Message Service Communication
As described earlier in this section, the TIBCO Enterprise Message Service transport is used between the Gateway Server and Interior Server for many purposes, such as the initial notifications when a Gateway Server is started, and the notification when a large message arrives from trading partners.
In addition, TIBCO Enterprise Message Service is used for transferring the configurations necessary for starting the gateway services, such as the HTTPS server keys and so on. It is also used for transferring small messages between the Gateway Server and Interior Server. Interior Servers leverage the load balancing feature of TIBCO Enterprise Message Service, so the inbound traffic is load balanced between these servers.
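The three communication types above imply a connection-direction model that can be checked against firewall or flow logs. The following Python sketch is an added example, not TIBCO code: it flags flows that break that model. The network ranges, the EMS listener address and port, and the flow-record format are assumptions constructed for illustration; only the JMX (11000) and DDTP (12000) defaults come from this section.

```python
from ipaddress import ip_address, ip_network

# Constructed addressing; only the JMX and DDTP defaults come from the page.
DMZ = ip_network("192.0.2.0/24")              # Gateway Servers
INTERIOR = ip_network("10.10.0.0/16")         # Interior Servers, TIBCO Administrator
EMS_SERVER = (ip_address("10.20.0.5"), 7222)  # assumed EMS listener and port
JMX_PORT, DDTP_PORT = 11000, 12000            # defaults stated in this section

def classify(src, dst, dport):
    """Classify one TCP flow, where src is the host that initiated it."""
    src, dst = ip_address(src), ip_address(dst)
    # EMS: Gateway and Interior Servers both connect to the EMS listener.
    if (dst, dport) == EMS_SERVER and (src in DMZ or src in INTERIOR):
        return "ok"
    # JMX and DDTP listen on the Gateway; only interior hosts should connect.
    if dst in DMZ and dport in (JMX_PORT, DDTP_PORT):
        if src in INTERIOR:
            return "ok"
        return f"port {dport} on gateway reached from non-interior host"
    # Large payloads are pulled by the interior side over DDTP, so no
    # gateway-initiated connection into the interior network is expected.
    if src in DMZ and dst in INTERIOR:
        return f"DMZ-initiated connection into interior on port {dport}"
    # Only JMX, DDTP and EMS are documented between the two tiers.
    if src in INTERIOR and dst in DMZ:
        return f"undocumented interior-to-gateway port {dport}"
    return "ok"  # out of scope here, e.g. partner traffic to gateway services

def audit(flow_lines):
    """Return (line, finding) pairs for flows that break the model."""
    findings = []
    for line in flow_lines:
        src, dst, dport = line.split()
        verdict = classify(src, dst, int(dport))
        if verdict != "ok":
            findings.append((line, verdict))
    return findings

# Constructed flow records: "initiator destination destination_port"
SAMPLE_FLOWS = [
    "10.10.1.5 192.0.2.10 11000",    # Interior Server -> Gateway JMX
    "10.10.1.5 192.0.2.10 12000",    # Interior Server -> Gateway DDTP
    "192.0.2.10 10.20.0.5 7222",     # Gateway -> EMS
    "203.0.113.7 192.0.2.10 443",    # trading partner -> HTTPS gateway service
    "203.0.113.7 192.0.2.10 11000",  # outside host -> Gateway JMX
    "192.0.2.10 10.10.1.5 8080",     # Gateway -> Interior Server
    "10.10.1.5 192.0.2.10 22",       # Interior Server -> Gateway, other port
]

if __name__ == "__main__":
    for line, finding in audit(SAMPLE_FLOWS):
        print(f"{line}: {finding}")
```

Adjust the ranges and the EMS endpoint to match the deployment before running it over real flow exports.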
