December 15, 2015 | Written by: Galen Keene
Categorized: What's New
Share this post:
With the release of version 1.4.0, IBM Secure Gateway for Bluemix announces a number of key changes we believe you’ll enjoy! We’re bringing you changes in the areas of infrastructure and security, high availability support for the client, the ability to support multiple gateway connections per client instance, bi-directional connections, and some UI enhancements. In case you missed our interim releases, you’ll also see new installers for MacOS & Windows.
Let’s take a quick look at what will be available starting with version 1.4.0.
Infrastructure and Security
We have transitioned our servers onto bare metal machines. This will allow us to have greater control over our own support system as well as increase robustness and stability across the entire service.
In an effort to provide more robust security around your gateways and clients, we have begun embedding expiration dates within the JWT associated with a gateway. When a gateway is created, a JWT is created with a default expiration date of 90 days from the creation date; however, if you want that to be shorter, longer, or even if you never want it to expire, you can specify that during the creation process.
High Availability Support: With this release, the Secure Gateway Client now supports high availability. Be connecting multiple clients to the same gateway, all destination supported by that gateway will now be distributed in a round-robin fashion between the connected clients. In this way, if one client goes down, there can be another one available to pick up the slack immediately.
Multiple Gateway Connections: Hand-in-hand with the high availability, we now also provide a new mode of functionality on the client. The new multi-gateway client will allow multiple gateway connections to be created from a single client instance rather than requiring a new client for each gateway connection. If you wanted to take advantage of the new High Availability with the multi-gateway client, you could create multiple connections to the same gateway in the client and then interact with them all from a single, unified interface, rather than juggling multiple single-gateway clients.
While the interactive experience of the multi-gateway client is largely the same as the single-gateway client, there are some differences in how existing commands are passed to the various connections as well as some new commands unique to the multi-gateway client. For more information on starting up a new client in multi-gateway mode, see Interacting with the Secure Gateway client. For more information on interacting with a multi-gateway client, see Secure Gateway client interactive command-line interface.
Bi-directional Connections: With our traditional on-premises destinations, we are capable of providing a cloud access point to an on-premises resource. By combining the traditional on-premises destination with our new cloud destination, we achieve complete bidirectional support. The new cloud destination allows an on-premises service/application to send information/requests to a cloud application via the Secure Gateway Client.
Alongside all of our client changes, the UI has been updated in quite a few places as well. In order to provide more consistency between our display of gateways and destinations, we have moved the ‘Add Gateway’ option into a button that appears in-line with any existing destination.
In tandem with our bidirectional support, we have added a new option for you when creating a destination. If you would like to create a traditional destination to an on-premises resource, you can select the on-premises destination option; otherwise, you can select the new cloud destination. The new type of destination will be the same as the on-premises destination with the exception of a new field to define which port the Secure Gateway Client will be listening on.
Previously, once a gateway was created, there was no way to update any of the associated information. With the addition of embedded expiration dates in the gateway’s JWT, we have also provided a way to modify the details of a gateway. From the Edit Gateway panel, you can update the description, decide whether or not a newly connected client will require the JWT, if you want your JWT to contain an expiration date, or if you want a new JWT all together with your new expiration date.