Overview

Stonebranch UDMG SaaS is the Universal Data Mover Gateway hosted by Stonebranch in the AWS Cloud.

Stonebranch UDMG SaaS contains the exact same set of functionalities, features, and Web GUI as an on-premise installation.

This hosted solution is fully managed by Stonebranch, including installation and regular upgrades to newer releases. This relieves SaaS customers of server and platform management and allows them to focus on defining file transfer endpoints and rules via the Web GUI.

Differences between an on-premise installation and a Stonebranch SaaS deployment are explained in the following table.

Stonebranch SaaS Specifications

Specification	Information on Stonebranch SaaS
Responsibility Layer	With Stonebranch UDMG SaaS: Stonebranch fully manages all back-end resources. SaaS customers have no access to the back-end servers, databases, or other resources. All customer access occurs via the UDMG Admin UI or API. Customers are responsible for their business configuration and the synchronization between environments, and user/group management. This includes ensuring that secure passwords are used. By contrast, customers that perform an on-premise UDMG installation are responsible for every aspect of their environment.
Server Time Zone	The default (best practice) time zone for Stonebranch UDMG SaaS is UTC (Coordinated Universal Time). However, customers can decide which time zone that they want Stonebranch UDMG SaaS to use.
Authentication	For Stonebranch UDMG SaaS, customers must use: Local users
Networking	Stonebranch UDMG SasS customers can only run workload in conjunction with Stonebranch SaaS for Controller and consequently with agents they connect to the Controller or via API. All B2B file transfers will have one end in the Stonebranch UDMG SaaS architecture and may require additional networking configuration for the connections to happen. Based on the customers networking requirements/restrictions, firewall modifications may need to be implemented to allow communication between the partners and the Stonebranch back end. One example of this is modifying an on-site firewall to allow outbound connections to an IP:PORT provided by Stonebranch. There currently are two connectivity options: Agents connecting to the Stonebranch SaaS Controller via TLS over the internet. Site-to-site VPN between Stonebranch and customer data center. If site-to-site VPN is requested, customers must work with Stonebranch for implementation by providing the following information: Gateway vendor to be used (for example: Cisco, Palo Alto, SonicWALL, Check Point). IP(s) used for their public-facing gateway. Private subnet to be used (for example, 172.16.0.0/16).

Shared Responsibility Layer

Owner	Responsibility	Components
Customer	Security "in" the Cloud	Users Credentials Local Servers Workload Transfer Rules Rule Tasks Transfers API calls Integrations
Stonebranch	Security "of" the Cloud	Application Infrastructure Servers Databases Networking

Browser not supported