How the Inter-System Gateway service works - Inter-System Gateway 1.1

Inter-System Gateway Configuration Guide 1.1

Applies to
Inter-System Gateway 1.1
Last updated
2023-08-31
Content type
Guides > Plugin and extension guides
Language
English
Product
Inter-System Gateway
Version
1.1

The Inter-System Gateway service runs on a machine that supports OS-level virtualization.

Architecture diagram

The Inter-System (IS) Gateway is a generic Windows service that runs independently of Security Center. To illustrate the operating environment of the IS Gateway, we show it here interacting with the Security Center Restricted Security Area Surveillance (RSA Surveillance) plugin.

In the following diagram, each blue rectangle represents a server machine.

(Windows service) Inter-System Gateway Docker Engine Web Browser Container Registry Tracking system (perimeter protection or intruder tracking) Genetec™ Container Image List Provider ISG API RabbitMQ message broker Metadata Device- specific port 5671 4242 4242 2375/2376 RSA Surveillance plugin Security Center Server Application that benefits from the IS Gateway Driver Container Driver Container Driver Container Driver API Docker API Azure Azure 443

Architecture components

The following describes the components illustrated in the architecture diagram.
Inter-System Gateway
The IS Gateway runs on a dedicated server and communicates with the RSA Surveillance plugin through the RabbitMQ message broker.

The IS Gateway service interacts with the containerized tracking system drivers and feeds the information they generate to the RSA Surveillance plugin role running on a Security Center server.

In particular, it takes care of the following:
  • Web portal for the configuration of the service itself and of the drivers it interacts with.
  • Communications with the RSA Surveillance plugin though the RabbitMQ message broker.
  • Gets the available container images from the Container Registry.
  • Communications with the Docker Engine using the Docker API through HTTP (default port = 2375) or HTTPS (default port = 2376).
  • Communications with the driver containers through the Driver API.
Web Browser
You need a web browser to configure the IS Gateway service. Only Chromium browsers, such as Google Chrome, Microsoft Edge, and Firefox, are supported.
Genetec™ Container Image List Provider
The Genetec™ Container Image List Provider is a service developed by Genetec Inc. to retrieve the list of supported container images from the container registry. This service is hosted on Azure by default. If your IS Gateway server does not have Internet access, you can store the list of supported container images on a local drive.
Tracking system
A tracking system is a device or a system of devices used to monitor restricted areas to detect intrusions. There are two categories of tracking systems. The first detects perimeter violations using sensors on the perimeter fence. The second detects foreign objects entering and moving through a restricted area using radar, lasers, cameras that have video analytics, and thermal sensors.
Driver container
A driver container is the container used to run the driver for a specific tracking system. Driver containers are hosted on the Docker container platform. A driver container communicates with a particular tracking system and sends the information it generates to the IS Gateway using the ISG API.
Docker Engine
Docker Engine is the technology behind the container platform supported by the IS Gateway service. In the context of IS Gateway, a container platform is called a docker engine. If your system have a large number of tracking systems, you can create multiple docker engines to distribute the load.
Container Registry
The container registry is the cloud service that stores and distributes production container images. Each docker engine connects to this registry through port 443 and downloads the images it needs locally.