Security Fencing in OpenBots Server
One of the common features that is needed by deployment architects for our OpenBots server is to make sure that the environment is very secure.
To secure these orchestrators which are web applications people use firewalls, they use reverse proxies and different kinds of network architecture whatever is needed in your organization to ensure there is no unauthorized access for these HTTP endpoints by unauthorized consumers that could be within your organization or outside your organization, so the security fencing feature allows you to integrate with the network environment.
What it essentially tells you is you can be in one of the modes, security mode first thing is it can be on allow all mode or deny all mode.
The allow all mode simply says that it is going to allow everybody and you are going to start creating a deny list and you can go ahead and say whos deny, the other part is the deny all mode which is where everybody is denied and you just say whos allowed and whos not. That is exactly what this configuration will do and then you add rules about which specific IP, IP ranges or headers are allowed so if you look at the usage you can say okay this one is in the deny all mode so were going to allow a specific end point to talk to the orchestrator. You can either give a specific IP or a cidr IP range.
Other than that you can do that for ipv6 or ipv4 or you can also give http headers if you are integrating reverse proxy and the reverse proxy can add an http header. You can do that and then the system will only respond to those http headers. Anybody else trying to call this specific orchestrator will get an error.
This is one feature that allows you to contain your orchestrator and make sure environments are segregated and secure and no unauthorized access can actually happen within the infrastructure.
If you would like to be trained by our developers CLICK HERE and select one of our Citizen Developers Jumpstart programs. If you want individual training select the SOLO Jumpstart and if you want to train your team select the Team Jumpstart.