Informatica Cloud Platform - kb570422

The document provides an overview of the Informatica Cloud platform and its key components. It includes diagrams showing the architecture and data/metadata flow. The security overview section outlines how metadata and traffic between cloud services and agents are encrypted and secured.

Uploaded by

BeneMS
Informatica Cloud

[Architecture diagram. Cloud services are grouped under Administration, Monitor, and Design & Develop: Administrator, Application Integration Console, Monitor, Discovery IQ, Operational Insights, Data Integration, Application Integration, Integration Hub, API Manager, API Portal. They sit on Metadata Repository Services, a Load Balancer and the Cloud Hosted Process Engine (Designs, Connections, Schedulers & Other Configurations), which connect over a Secure Channel to the Secure Agents in a Secure Agent Group.]

Secure Agent components

➢ Agent Manager: Java UI client used to manage (start, stop, proxy config) secure agent
➢ Agent Core: Resilient ever-running single-threaded process; checks for upgrades and manages Tomcat process
➢ Channel Client: Provides secure, resilient communication to IICS channel servers
➢ Catalog & rDTM: Catalog for Database DDL support and rDTM for Data Transformation
➢ Metadata: Used to fetch metadata for files, databases, ODBC endpoints, IICS toolkit endpoints

Other labels inside each Secure Agent: Tomcat, Data Integration Server, Process Server, CIH Processor, Process Engine Logs, Agent Core Logs, Session Logs, User Parameters, Connections, Schedules

Access Points & Connectors

File, FTP, SFTP, JMS, JDBC/ODBC, HTTPS, HTTP, REST/SOAP, Special DB & App Connectors

© Informatica. Proprietary and Confidential.

Security Overview
1. Metadata

➢ Metadata sits on the multitenant Informatica cloud. This data is separated by Client & by Org
➢ All metadata, including connection credentials, is encrypted at rest using AES 128-bit Encryption

2. Cloud Services

➢ Metadata traffic between cloud services and secure agent uses TLS with 128-bit certificates (encryption in transit), SSH & IPsec Protocols
➢ Integrations hosted on Informatica Cloud Process Engine can optionally be configured to execute without data persistence

3. AAA – Authentication, Authorization & Audit

➢ Single Sign-On and Logout Service via Customer’s Identity Provider
➢ Trusted IP / IP Whitelisting
➢ Fine-grained access control for User Roles & User Groups
➢ All user-related activities are logged and available for audit

4. Secure Agent

➢ Secure Agent - Deep Security with company’s own app agent
➢ Secure Agent communicates with Informatica Cloud using secure channel, no firewall configuration needed
➢ Secure Agent uses port 7443 for HTTPS and 7080 for HTTP to expose CAI services
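
A host-side check for the two listener ports named above, as an added example that is not Informatica's code or part of the original document: it parses `ss -ltnH` output and flags CAI listeners bound to non-loopback addresses, treating the plaintext 7080 listener as the higher-severity finding. The sample output, function names and severity labels are assumptions made for illustration.

```python
import ipaddress

# Ports the page gives for CAI services on the Secure Agent.
CAI_PORTS = {7443: "https", 7080: "http"}

# Constructed sample of `ss -ltnH` output; not captured from a real agent host.
SAMPLE_SS = """\
LISTEN 0 100 0.0.0.0:7080 0.0.0.0:*
LISTEN 0 100 127.0.0.1:7005 0.0.0.0:*
LISTEN 0 100 [::]:7443 [::]:*
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
"""

def split_local(addr):
    """Split ss's 'host:port' local-address column into (ip, port)."""
    host, _, port = addr.rpartition(":")
    host = host.strip("[]").split("%")[0]   # drop IPv6 brackets and scope id
    if host in ("", "*"):                   # ss prints '*' for any-address
        host = "0.0.0.0"
    return ipaddress.ip_address(host), int(port)

def audit_listeners(ss_output):
    """Return (port, bind_ip, severity, note) for each exposed CAI listener."""
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if len(fields) < 5 or fields[0] != "LISTEN":
            continue                        # header or non-listening socket
        ip, port = split_local(fields[3])
        if port not in CAI_PORTS or ip.is_loopback:
            continue                        # not a CAI port, or local-only
        if CAI_PORTS[port] == "http":
            findings.append((port, str(ip), "HIGH",
                             "plaintext CAI listener on non-loopback address"))
        else:
            findings.append((port, str(ip), "INFO",
                             "TLS CAI listener on non-loopback address"))
    return findings

if __name__ == "__main__":
    for finding in audit_listeners(SAMPLE_SS):
        print(finding)
```

On an agent host the input would come from `ss -ltnH` itself; a HIGH finding is the case to close off with a bind-address or host-firewall restriction.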

5. Informatica Cloud Platform

➢ Connections are secured via Secure Shell Version 2 (SSH 2.0)
➢ Access control and alarm systems, two-factor authentication
➢ Codes of conduct, confidentiality agreements, and background checks

User Access Governance

[Diagram with three panels: Authorization & Authentication, Role Based Access Control, and Logons. Authorization & Authentication labels: SSO (SAML 2.0), Trusted IP, Signing certificates, Secure Agent (VM), Audit Log. Role Based Access Control labels: Users (USER 1, USER 2, USER 3), Groups (DEVELOPER, SUPPORT, ADMIN), Roles (Designer, Task Executor, Monitor, Admin). Logons labels: SSO or Cloud Native users, Account with RBAC, Personal Account, Service Account, read only access to folders / config files.]

Group to Role Mapping

Standard Group        Informatica Roles
Administrators        • Admin
Operations            • Data Integration Task Executor
                      • Monitor
                      • Operator
                      • Service Consumer
Developers            • Designer
Business Managers     • Business Manager
