In production environments, Reflection for Secure IT Gateway components are typically installed using a distributed configuration. The diagram below shows a sample configuration using all components required for both automated Jobs and Transfer Sites. See Job Components and Transfer Site Components for more information about each of these features.
The Gateway Administrator service is required for all Reflection for Secure IT Gateway installations. It should be installed on a system in your internal network.
The Reflection Transfer Server and Reflection Secure Shell Proxy are required for Transfer Sites. These two services must be installed together using the Setup Gateway Proxy feature. These services are typically installed on a system in the DMZ.
The Reflection Hub is required for automated Jobs. This service should be installed on a system running in your internal network.
The number and arrangement of SFTP servers depends on your business needs. These can be any UNIX or Windows servers running SFTP-enabled SSH. The diagram below shows one possible arrangement. Other variations might include:
Scan an internal SFTP server for files and trigger Job Actions that send these files to external servers available to your customers.
Designate an SFTP server as the Transfer Site file server and scan files for Job actions on this same server. With this arrangement you can configure automated Job Actions to act on files that are uploaded to by a Transfer Site user.
Use the Reflection Gateway Proxy as the Transfer Site file server.
NOTE:The Reflection for Secure IT Gateway installer includes the Reflection for Secure IT Server for Windows. Each Reflection Gateway license entitles you to install this SFTP-enabled server on one system. Contact Micro Focus for information about purchasing additional Reflection for Secure IT Servers for UNIX or Windows.