The Inter-System Gateway service runs on a machine that supports OS-level virtualization.
Architecture diagram
The Inter-System (IS) Gateway is a generic Windows service that runs independently of Security Center. To illustrate the operating environment of the IS Gateway, we show it here interacting with the Security Center Restricted Security Area Surveillance (RSA Surveillance) plugin.
In the following diagram, each blue rectangle represents a server machine.
Architecture components
The following describes the components illustrated in the architecture diagram.
- Inter-System Gateway
- The IS Gateway runs on a dedicated server and communicates with the RSA Surveillance plugin through the RabbitMQ message broker.
The IS Gateway service interacts with the containerized tracking system drivers and feeds the information they generate to the RSA Surveillance plugin role running on a Security Center server.
In particular, it takes care of the following:
- Web portal for the configuration of the service itself and of the drivers it interacts with.
- Communications with the RSA Surveillance plugin through the RabbitMQ message broker.
- Retrieval of the available container images from the Container Registry.
- Communications with the Docker Engine using the Docker API through HTTP (default port = 2375) or HTTPS (default port = 2376).
- Communications with the driver containers through the Driver API.
- Web Browser
- You need a web browser to configure the IS Gateway service. Only Chromium browsers, such as Google Chrome, Microsoft Edge, and Firefox, are supported.
- Genetec™ Container Image List Provider
- The Genetec™ Container Image List Provider is a service developed by Genetec Inc. to retrieve the list of supported container images from the container registry. This service is hosted on Azure by default. If your IS Gateway server does not have Internet access, you can store the list of supported container images on a local drive.
- Tracking system
- A tracking system is a device or a system of devices used to monitor restricted areas to detect intrusions. There are two categories of tracking systems. The first detects perimeter violations using sensors on the perimeter fence. The second detects foreign objects entering and moving through a restricted area using radar, lasers, cameras that have video analytics, and thermal sensors.
- Driver container
- A driver container is the container used to run the driver for a specific tracking system. Driver containers are hosted on the Docker container platform. A driver container communicates with a particular tracking system and sends the information it generates to the IS Gateway using the ISG API.
- Docker Engine
- Docker Engine is the technology behind the container platform supported by the IS Gateway service. In the context of IS Gateway, a container platform is called a docker engine. If your system has a large number of tracking systems, you can create multiple docker engines to distribute the load.
- Container Registry
- The container registry is the cloud service that stores and distributes production container images. Each docker engine connects to this registry through port 443 and downloads the images it needs locally.
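The two Docker API ports listed above differ in more than encryption: by default, an engine listening on 2375 serves the API over plain HTTP with no authentication, while 2376 is the conventional TLS port. The following added example (not part of the original documentation and not Genetec code) audits a Docker Engine `daemon.json` to report how each TCP listener is protected. It assumes the listeners are set in `daemon.json` rather than on the `dockerd` command line; the sample configurations and certificate paths are constructed.

```python
import json

def audit_daemon_config(text):
    """Return [(host, finding)] for every TCP listener in a daemon.json document.

    Uses the dockerd keys "hosts", "tls", "tlsverify", "tlscacert",
    "tlscert" and "tlskey". "tlsverify" implies "tls".
    """
    cfg = json.loads(text)
    verify = bool(cfg.get("tlsverify"))
    tls_on = verify or bool(cfg.get("tls"))
    have_ca = bool(cfg.get("tlscacert"))
    have_cert = bool(cfg.get("tlscert")) and bool(cfg.get("tlskey"))
    findings = []
    for host in cfg.get("hosts", []):
        if not host.startswith("tcp://"):
            continue  # unix://, npipe:// and fd:// listeners are local only
        port = host.rsplit(":", 1)[-1]
        if not tls_on:
            findings.append((host, "plaintext HTTP, no authentication"))
        elif not verify:
            findings.append((host, "TLS without client certificate verification"))
        elif not (have_ca and have_cert):
            findings.append((host, "tlsverify set but CA/cert/key paths missing"))
        elif port == "2375":
            findings.append((host, "TLS on 2375, the conventional plaintext port"))
        else:
            findings.append((host, "ok: mutual TLS"))
    return findings

# Constructed sample configurations; the certificate paths are placeholders.
CERTS = {"tlscacert": "/etc/docker/ca.pem",
         "tlscert": "/etc/docker/server-cert.pem",
         "tlskey": "/etc/docker/server-key.pem"}
PLAINTEXT = json.dumps({"hosts": ["unix:///var/run/docker.sock",
                                  "tcp://0.0.0.0:2375"]})
ENCRYPT_ONLY = json.dumps({"hosts": ["tcp://0.0.0.0:2376"], "tls": True, **CERTS})
MUTUAL_TLS = json.dumps({"hosts": ["tcp://0.0.0.0:2376"], "tlsverify": True, **CERTS})

if __name__ == "__main__":
    for name, sample in (("plaintext", PLAINTEXT),
                         ("encrypt-only", ENCRYPT_ONLY),
                         ("mutual-tls", MUTUAL_TLS)):
        print(name, audit_daemon_config(sample))
```

Only the mutual TLS case restricts the Docker API to clients that hold a certificate issued by the configured CA, which is the state to aim for on any engine the IS Gateway reaches over the network.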