Responsibility Layer

With Stonebranch UDMG SaaS:

• Stonebranch fully manages all back-end resources.  SaaS customers have no access to the back-end servers, databases, or other resources.
• All customer access occurs via the UDMG Admin UI or API.  Customers are responsible for their business configuration and the synchronization between environments, and user/group management.  This includes ensuring that secure passwords are used.

By contrast, customers that perform an on-premise UDMG installation are responsible for every aspect of their environment.

Server Time Zone

Authentication

For Stonebranch UDMG SaaS, customers must use:

• Local users

Networking

Stonebranch UDMG SasS customers can only run workload in conjunction with Stonebranch SaaS for Controller and consequently with agents they connect to the Controller or via API.

All B2B file transfers will have one end in the Stonebranch UDMG SaaS architecture and may require additional networking configuration for the connections to happen.

Based on the customers networking requirements/restrictions, firewall modifications may need to be implemented to allow communication between the partners and the Stonebranch back end.  

One example of this is modifying an on-site firewall to allow outbound connections to an IP:PORT provided by Stonebranch.

There currently are two connectivity options:

• Agents connecting to the Stonebranch SaaS Controller via TLS over the internet.
• Site-to-site VPN between Stonebranch and customer data center.

If site-to-site VPN is requested, customers must work with Stonebranch for implementation by providing the following information:

• Gateway vendor to be used (for example: Cisco, Palo Alto, SonicWALL, Check Point).
• IP(s) used for their public-facing gateway.
• Private subnet to be used (for example, 172.16.0.0/16).