Communication with target systems
Bravura Security Fabric uses one or more of the following methods to communicate with a target system:
Published APIs made available by the third party vendor
This is the preferred method. Bravura Security Fabric uses the native methods and protocols of the target system. Communication to the target system is the same as if it were coming from a regular client of the system. This maintains the same level of security that the target system uses.
Some examples of systems that have an API are:
Microsoft Active Directory
Microsoft Windows server
Remedy ARS
Oracle Database
Socket listener on the target system
If there is no API available to be used, a socket listener (or service) can be installed on the target system. The listener allows the Bravura Security Fabric server to communicate securely with the system. Bravura Security Fabric includes socket listeners for several; for example:
Unix (Solaris, HP-UX, Linux)
OS/390 mainframe
Command-line executable scripting
If the target system provides a command-line executable that can perform operations, Bravura Security Fabric can run this program from a script.
SSH scripting
Bravura Security Fabric can integrate with systems that are accessed using SSH (Secure Shell) protocol. Any SSH-enabled system can be targeted as long as the passwords can be managed from the command line. Both SSH1 and SSH2 protocols are supported.
The SSH protocol is available on most Unix systems. Unlike the Unix connector, the SSH scripted connector does not require any Bravura Security software to be installed on the target system.
Pre-configured scripts are provided with Bravura Security Fabric for certain platforms (e.g. Cisco, Juniper, Linux).
Python scripting
Integration via Python scripts uses a Python script module file that includes functions for each operation and connection details.
The Python connector reads a Python script file which defines the functions. The connector refers to functions that you implement in the script for each operation.
HTTP/Telnet scripting
If none of the above options are available, then Telnet scripting may be used.
Telnet scripting is the least reliable and least secure method of communication to target systems. These would be "screen scraping" integrations that are most fragile because any change in the downstream system’s interface can cause major problems. The SSH method is more secure because the service it connects to uses an encrypted connection, whereas the Telnet service uses no encryption.
To use the Telnet method, you must create a send-and-receive script that knows how to talk to your specific system.
Some examples of systems that you can use a Telnet script with are:
Unix (SSH scripting is the preferred method)
OS/390 (the socket listener method is preferred)
Network devices