Signiant Support

13.4 Media Exchange Admin User's Guide Print


Getting Started With Media Exchange

Media Exchange is a web-based application which enables users to securely send, view, and receive large content and media files quickly and reliably. Users can exchange content with other users, systems and applications regardless of the location and size of the digital assets. Media Exchange provides central management that enables complete control and security - all transfers are tracked and visible from a single dashboard and reporting tool. Collaboration is fast, reliable and secure using Media Exchange email, web portal, and workflow features.

images.png

Media Exchange enables users to:

  • Send and Receive Digital Content to other Users of the System as well as "Guests".*
  • Share Content with other Users in a Portal Workspace.
  • Initiate Automated Workflows that are customizable and begin or conclude with Media Exchange.

Media Exchange allows registered users of the system to send or receive sets of files known as packages. The transfer of these packages is performed by Signiant Media Exchange enabled agents which can be located anywhere within your network. Content uploaded by users may be transferred directly to storage on the corporate internal network, or it may be first directed to storage in the DMZ for virus scanning and/or other preparatory work prior to being transferred into the internal network.

If you want to support the publishing of content to pre-determined channels for subsequent download by users, the Media Gateway add-on application is required. This application also provides the ability to automatically distribute and/or publish package based content from a dropbox folder.

* The Media Exchange administrator can control which users can send to guest users.

The following diagram illustrates a general architectural representation of Media Exchange.

mx_overview.png

The overall Media Exchange system is flexible enough to accommodate companies with internal and external users; single and distributed geographic locations. At the heart of Media Exchange is a Media Exchange Manager where the application is configured. From there, an administrator designates Signiant agents as being Media Exchange enabled. These Media Exchange enabled agents will then support uploading and downloading from browser-based Media Exchange end users.

Additional Media Exchange web servers may also be installed at the edges of the corporate network (e.g. in the DMZ )to more easily support guest users and users in multiple geographic locations. The primary benefits of the Media Exchange web servers include: improved performance via placement near geographic centers and improved security by isolating the Signiant Manager on the internal corporate network.

Experienced Media Exchange administrators can create new workflows that perform different activities when media is uploaded using the Media Exchange client. For example, administrators can create a workflow that virus-scans, transcodes, watermarks and delivers as part of the same workflow. These workflows can be assigned to specific users or groups so that these users can direct their uploaded content into specified workflows if and when needed.

Administrators can choose to enable either the Signiant Transfer API or the Java applet for package transfers. The Java applet requires that Java is installed. With the Signiant Transfer API, Java is not required and the API is installed on the web browser. With the Signiant Transfer API, channel subscriptions can only be managed from the Desktop Client.

Media Exchange Web Client

Signiant Media Exchange is a web-based application which enables users to securely send, view, and receive large content and media files quickly and reliably. Users can exchange content with other users, systems and applications regardless of the location and size of digital assets. Collaboration is fast, reliable and secure.

Media Exchange Desktop Client

Signiant Media Exchange Desktop Client extends Media Exchange by providing a very simple application that automates the delivery of content to and from your provider. It's simple to setup, easy to use, and can operate in a lights-out fashion.

Media Exchange Mobile Client

Signiant Media Exchange Mobile Client extends Media Exchange by providing a very simple mobile application that securely automates the delivery of content quickly and reliably.

The mobile client easily allows you to:

  • Subscribe to and automatically receive published content from channel providers.
  • Download and upload packages.
  • View package content.

See the deployment section of the online help for tips on configuring your Media Exchange deployment.


Media Exchange Concepts

You should be familiar with the following Media Exchange key concepts:

  • Users: Media Exchange users are users whose accounts are enabled for Media Exchange.
  • Clients: Ways to access the Media Exchange system including: Web, Desktop and Mobile Clients.
  • Groups: A group is a collection of Media Exchange users.
  • Guest Users: Guest users are external users that are allowed limited access to a Media Exchange network for a specific period.
  • Packages: Packages are groups of files and/or folders that users can send to other Media Exchange users, groups, guest users, or channels.
  • Channels: Channels are containers for packages that administrators create and assign users rights to access. A Media Gateway license is needed to display channels. A Media Exchange channel provider license enables the desktop client to subscribe to channels for unattended uploads and downloads of Media Exchange content.
  • Package Templates: Package templates are administrative templates configured to facilitate data transfer operations between users and channels.

Components of the Media Exchange architecture include:

  • Media Exchange Web Server: Media Exchange Web Servers are systems used for delivering the Media Exchange user interface and providing geographic scalability.
  • Media Exchange Server: Media Exchange Servers are systems used to transfer and store content.
  • Relay Agents: Relay Agents are systems used to secure content from external networks and ease firewall administration.

arch.gif


Media Exchange Web Server

The Media Exchange Web Server can be installed on any host on a network that meets the installation requirements, as long as a Signiant Manager is already installed on the network. The Media Exchange Web Server helps with geographic scalability, allowing administrators to have a central Manager and then one or many distributed Media Exchange web servers (each of which communicate back to the central Manager).

Prerequisites

Before installing a Media Exchange Web server, you must do the following:

  • Make sure you have a Manager installed on your network.
  • Ensure that your system meets the minimum hardware and software requirements
  • Download the sigsetup.inf file to your local system (described as part of the Installing the Media Exchange Web Server procedure)

Port Numbers

The Media Exchange Web Server performs authentication using TCP ports 49226 - 49233. These ports must be open between Media Exchange Web Server and Media Exchange Manager.

Installing

To install the Media Exchange Web Server, do the following:

  1. On the machine that you intend to be your Media Exchange Web Server, copy the installer that you used to install the Signiant Manager.
  2. In the Signiant Manager, select Agents>Install and click Agree on the license agreement.
  3. In the tool bar, click Download inf file.
  4. In the Opening sigsetup.inf window, click Save File.

    Copy this file to the machine that will be your Media Exchange Web Server.

  5. Follow the procedures in Installing the Manager documented in the Manager Installation User's Guide.

    During the installation, when prompted select Media Exchange Web Server and reference the sigsetup.inf file.

Upgrading

A software upgrade stops all processes. During the upgrade, any jobs that you have scheduled will not run. Make sure that you perform your upgrade at a time that will ensure the least disruption to your system. For example, if you have a job that is scheduled to run infrequently (once a week, once a month, quarterly, yearly and so on), do not perform the upgrade on the date and time during which this particular job would run. The job will not run until its next scheduled time, which may be a week, month or year later. The Media Exchange Web Server and Manager must be running the same version.

Do not upgrade the Media Exchange Web Server at the same time as you are upgrading the main Manager. The Media Exchange Web Server upgrade needs to contact the Manager during the upgrade process, which it cannot do if you are upgrading the Manager. Also note that an 'upgrade in place' of Signiant agents associated with the main Manager upgrades the agent that is associated with the Media Exchange Manager, but does not upgrade the Media Exchange Web Server component. You must run a separate standalone upgrade of the Media Exchange Web Server.

Manager Integration

After installing the Media Exchange Web Server software, the host is automatically displayed as an agent in the Manager GUI's agent list. By editing this agent and indicating that it provides web login functionality, it will be displayed as a web server-enabled agent in the Agent list and the Media Exchange Web Server list.


Media Exchange Authentication

Signiant supports authentication against LDAP and Active Directory. For Media Exchange administrators, this means that users can logon to the Media Exchange using their LDAP or AD credentials. With directory authentication enabled you can enable automated assignment of users to specific Media Exchange enabled agents. For example, you can configure the Directory Service so assign all AD authenticated users in the group "RomeUsers" to the Media Exchange agent group "RomeMXAgents".

Enabling Active Directory services on the Manager will enable the 'Global Directory' search option for directory authenticated Media Exchange users. This will allow users to search for and send packages to other users within the corporate directory. Guest users (who are not registered) will be unable to browse the global directory, even if they have the permission to send or forward packages to other users within the corporate directory. By default, searches of the global directory are restricted to the user groups that the sending user belongs to. To support global directory searching, an option to "Ignore group membership" can be enabled. Enabling this option will improve search efficiency and simplify user management, but will open the entire directory to searching. Guest users will remain restricted in their ability to search for other users.

See the About Directory Services section in Chapter 3 in the Manager User's Guide for more information on this topic.


Media Exchange Administration

Before users can use Media Exchange for interpersonal file transfers, the administrator must install and configure Media Exchange using the Manager as detailed below.

Verify Media Exchange is Installed

To verify that Media Exchange is installed, view the list of installed applications on the Signiant Manager. The Media Exchange application appears in the list, with a status of Installed. If Media Exchange is installed, but listed as Not Licensed, license it by following the steps in 'Verify Media Exchange is Licensed'. If it does not appear in the list, contact Signiant Technical Support.

Verify Media Exchange is Licensed

Before configuring Media Exchange, you must license it. To obtain a license for Media Exchange, contact Signiant Technical Support. To license Media Exchange enter the supplied license keys on the Signiant Manager license key screen.

Media Exchange Desktop Client

If your users will be using the Media Exchange Desktop Client, ensure that Signiant Manager and Client can connect to: https://activation.signiant.com/spring/registration/action/welcome. This connection allows your users to always have the latest version of the Media Exchange Desktop Client and enables the processing of subscriptions.

Media Exchange enables administrators to configure user and group permissions to specify the privileges (viewing, editing, deleting) users and groups have to each other. There are numerous scenarios a Media Exchange administrator might want to configure, for example: a group in which members can send only to each other, or a group that can send to itself, but also send to another group.

Media Exchange maintenance is performed by the standard maintenance job. The Maintenance job can remove the following items associated with Media Exchange:

  • Media Exchange Files
  • Media Exchange Packages
  • Media Exchange Expired Guest Users

Media Exchange Web Server Settings

Configuration

To configure Media Exchange settings do the following:

  1. From the Manager, select Media Exchange>Servers.
  2. Select a Media Exchange web server and click the Configure button to open the configuration window.

The Configure Server window tabs and options are described below:

Transfer Profiles

Transfer Profiles are used to configure protocols, bandwidth, encryption level, aggressiveness, and permissions to control user and group access.

  1. Select the Transfer Profiles tab.

    The default transfer profile parameters are:

    • High Bandwidth - Unlimited
    • Medium Bandwidth - Limited 10 Mbps
    • Low Bandwidth - Limited 1 Mbps
    • Behind Firewall
    • Behind Web Proxy

     

  2. Select a profile and click the Edit button to modify its settings or click the Add button to create a new profile (see below for details on adding a new transfer profile).
  3. Click the OK button when complete.

Add Profile - General

When you click Add on the Transfer Profile tab, the Add Profile window is opened. This window has two tabs: General and Permissions.

  1. Enter a name for the transfer profile in the Name field.
  2. Specify the protocols you want to use by dragging and dropping profiles from the Available list to the Selected list. Choose from the following:
    • Signiant Regular = TCP
    • Normal Internet Connection = HTTP
    • Signiant Accelerated = UDP
  3. Drag the protocol or use the up and down arrows to change the order in which the protocols appear. Signiant attempts to use the protocols in the order in which they appear, when transferring files.
  4. Specify the bandwidth limit in the Bandwidth Ceiling field (make sure Unmanaged is not enabled). From the drop-down list, choose the rate in Kbps, Mbps, Gbps, Bps, KBps, MBps or GBps. Click the bandwidth slider icon to calculate the amount of bandwidth as a percentage of standard bandwidth maximums. The percentage you select will appear as the correct value in the Bandwidth Ceiling limit field. Enable Unmanaged to indicate that no bandwidth limits will be applied by this transfer profile.
  5. Specify the bandwidth throttle level in the Bandwidth Throttle field (make sure Unmanaged is not enabled). From the drop-down list, choose the rate in Kbps, Mbps, Gbps, Bps, KBps, MBps or GBps. Click the bandwidth slider icon to calculate the amount of bandwidth as a percentage of standard bandwidth maximums. The percentage you select will appear as the correct value in the Bandwidth Throttle limit field. Enable Unmanaged to indicate that no bandwidth limits will be applied by this transfer profile.
  6. Specify the bandwidth floor in the Bandwidth Floor field (make sure Unmanagedis not enabled). From the drop-down list, choose the rate in Kbps, Mbps, Gbps, Bps, KBps, MBps or GBps. Click the bandwidth slider icon to calculate the amount of bandwidth as a percentage of standard bandwidth maximums. The percentage you select will appear as the correct value in the Bandwidth Floor field. Enable Unmanagedto indicate that no bandwidth limits will be applied by this transfer profile.
  7. Specify an Encryption level. Choose from None, Unsigned or Strong.
  8. In the WAN Accelerator Aggressiveness field, specify how sensitive the profile will be to other network traffic. Choose from:
    • High: Will always attempt to send data at the target transfer rate (specified or dynamically calculated) and not share with other network traffic.
    • Medium: Will always attempt to send data at the target transfer rate (specified or dynamically calculated), however, if other traffic is detected, the agent will share the network.
    • Low: Will always attempt to send data at the target transfer rate (specified or dynamically calculated), however, if other traffic is detected, the agent will drop its transfer rate more quickly and attempt to reattain the target transfer rate more slowly.
  9. Click OK.

Add Profile - Permissions

On the Permissions tab, you can control user and group access to management objects. Access permissions include Read, Edit, and Delete. By default, all users are able to read and edit their own user properties.

To add permissions, do the following:

  1. In the Available Users/Groups list, select the user or groups to add to the Current Permissions list.
  2. Click the appropriate check boxes beside the corresponding permissions.
  3. To remove permissions, in the Current Permissions list, select the user or group you want to remove and click Remove.

The following users/groups have access permissions to the system default profiles:

  • Admin User (Edit, Delete and Read)
  • Media Exchange Guest Users (Read)
  • Media Exchange Users (Read)

Network Profiles

Network Profiles are used to prevent Media Exchange uploads and downloads that originate on internal networks from using network relays.

  1. Select the Network Profiles tab.
  2. Click the Add button to create an internal network profile.
  3. Enter the IP address, subnet mask and optional description in the respective fields. The IP address range and CIDR mask are automatically displayed for the selected network in the field below the table.
  4. Click the OK button when complete.
    Note: If you have deployed Media Exchange behind a load balancer (e.g. F5), and you have defined internal network profiles as described above, the load balancer must be configured to update either the "X-Forwarded-For" or "X-Remote-Addr" fields with the IP address of the external user. Failure to do so may cause external traffic to be considered local by the Media Exchange application, in which case Media Exchange relays will be ignored. If both the "X-Forwarded-For" and "X-Remote-Addr" fields contain IP addresses, the "X-Forwarded-For" field will take precedence.

Email

Email configuration settings are used to associate notification preferences.

  1. Select the Email tab.
  2. In System default authentication actions for sent/distributed packages enable the appropriate preference:
    • Notify the sender that a package was delivered to its destination
    • Send a copy of the recipient's email to the sender.

      The sender will receive a copy of the activation email for any guest users they invite.

    • Notify the recipient that a package is available for download
    • Include the package name and first file name in the email subject
  3. In Message body for sent/distributed packages you can use the default message or edit the message that is sent senders and recipients.
  4. In System default notification actions for downloaded packages enable the appropriate preferences:
    • Notify the sender that a package has been downloaded
    • Include the package name and first file name in the email subject
  5. In Message body for downloaded packages you can use the default message or edit the message that is sent. Using :userName in the message body inserts the name of the user who downloaded the package into the message.
  6. Enable Email Sender to specify that a specific email address and name are used to send the automatic notification emails.
  7. Use the default Email of Media Exchange sender and Name of Media Exchange sender values or edit these to meet your requirements.
  8. To send the email using the On Behalf Of email header, select Include "On Behalf Of" email header. When this option is enabled, the package sender's name is included.
  9. Enable Allow Media Exchange sender to specify interested parties to allow Media Exchange users within Media Exchange, to specify the email addresses of other people to be notified when packages are delivered or downloaded. If this option is not enabled, Media Exchange users cannot use the Interested Parties section within Media Exchange when creating a package.
  10. Enable Allow email users to see To and CC recipients to allow users to view the recipient list.
  11. Click OK.

Package

Package configuration settings are used to associate package deliveries.

  1. Select the Package tab.
  2. Enable the appropriate radio button to specify whether users can forward packages.
  3. You can control the number of times a user downloads a package. Enable either: Allow number of downloads and type a value or Unlimited. The default value is Unlimited.
  4. Specify whether or not special characters in filenames will be substituted with underscores to ensure cross-platform compatibility.

    When special character substitution is enabled, Media Exchange packages that have files with names that contain characters that are not supported on all platforms will have these characters replaced with underscores.  In cases where multiple file names in the same package would be changed to the same final name, a unique number will be appended to the file name before any existing file extension.

    The following characters will be substituted when this option is enabled:

    • :, <, >, |, *, ?, "
    • a trailing space for a file or directory name 

     

    Note that the files will appear with their original name in the Media Exchange interface.  When transferred, the names of the files on disk will be the substituted versions.

  5. To enable the loading of Media Exchange Third Party extensions into the Media Exchange end user interface, click Enable Third Party Package extensions. Note that the Third Party extensions must be previously installed.
  6. Enable Allow all Media Exchange users to view package recipients on the Package Details page to give all users the same viewing rights. By default Media Exchange administrators can view package recipient details on the Package Details page. When this option is not enabled, the package recipient information is hidden from users who are not administrators.

Users

User configuration settings are used to associate user preferences.

  1. Select the Users tab.
  2. Specify the number of days a guest user's account is valid in the System Default Guest User Expiry Time (Days) field.
  3. Specify the how long in minutes a session can remain idle before being logged off by the system, in the System Default Session Timeout (Minutes) field.
  4. Choose the System Default Transfer Job Group into which package uploads and downloads will be placed.
  5. Choose the System Default Workflow Job Group into which Media Exchange Server file transfers will be placed.
  6. Choose the Media Exchange User Browser Plug-in that will be used for package transfers. The options are: Java applet or Signiant Transfer API:
    • Java applet: requires that Java be installed on your device.
    • Signiant Transfer API: does not require Java and is installed on the web browser. Channel subscriptions can only be managed from the Desktop Client. Users must download and install the Desktop Client for automatic delivery of content updates.
    When Signiant Transfer API is selected, you must enter a valid Signiant Transfer API Key. If you have not received your Signiant Transfer API Key, contact your Signiant account representative.
  7. Place a check in the appropriate boxes to specify user functionality. These options control for example if users can send or forward packages, can create guest users on the system, can change their details on the preferences page, allow guest users to extend their expiration date and automatically log into Media Exchange from Signiant Manager.
  8. To add custom HTML links to the Media Exchange footer, enable Add Custom Media Exchange Page Footer and then enter the full HTML URL in Privacy URL, Terms of Use URL, and Support URL (supports either an HTTP URL or HTTP Mailto). You do not need to configure each of these options - you can choose for example, to configure only Support URL and only this link is displayed in Media Exchange.
  9. Click OK when complete.
    Note: Password reset requests are recorded in the Manager log.

Guest User Mappings

Guest users can be automatically associated with a specific Media Exchange Agent based on the user's email domain. This is the agent on which the user's Media Exchange packages are stored.

  1. Select the Guest Users Mappings tab.
  2. Click the Add button and enter an email domain. Example domains:
    • subdomain.domain.com
    • domain.com
    • com
  3. Select a Media Exchange Agent to associate with the domain.
    Note: If a guest user's email address matches multiple values, the most specific match will be used.
  4. Click OK when complete

Media Exchange Packages

Administrators can view and monitor packages sent and received by Media Exchange end users and files sent and received by Media Shuttle end-users. The information displayed in this list provides view details about individual packages and files and provides delete functionality for package and files.

Using the Packages List

The Packages List displays all of the Media Exchange packages and Media Shuttle files that have been sent and received. Double-click an item in the table to view additional details about the file or package. This table can be customized to display only the columns needed. Sort and filter functionality is also available on each table column.

To view the Packages Table, in the Manager, select Packages>List.

Customizing, Sorting and Filtering Table Content

To display the sort, filter and customization menu, hover your mouse over a column heading and click the black arrow. This opens the drop-down menu and displays the table display options.

To add or remove columns from the table, highlight the column name and click the black drop-down arrow. Select Columns in the drop-down menu and enable or disable column names.

To filter content, select Filters and type text on which to filter or select from the options displayed. The table is updated to show only the filtered content. The column on which the table is filtered is in green and the column name is in bold and italic font. To remove a filter, deselect Filters in the drop-down menu.

To sort column content, select Sort Ascending or Sort Descending.

  • Encrypted: this applies only to Media Exchange and indicates if the package is encrypted.
  • Package Name: the name of the Media Exchange package. For Media Shuttle files this shows the sender and recipient(s) of the file.
  • Created On: the date the Media Exchange package was created. For Media Shuttle this is the date the file was transferred.
  • Size: the size of the package or file.
  • Sender: the name of the Media Exchange package sender. For Media Shuttle files this is a username that represents the portal. This name is dynamically created on portal creation.
  • Delivered To Users And Groups: who received the Media Exchange package. For Media Shuttle files this is a username that represents the portal. This name is dynamically created on portal creation.
  • Delivered To Channels: this applies only to Media Exchange packages and shows the channels that received the package.
  • Delivery ID: this column is hidden by default. For Media Exchange packages, each package has a unique Delivery ID, and each time a package is delivered a unique Delivery ID is created for the delivery. With Media Exchange, one package can have multiple Delivery IDs. In Media Shuttle, this is unique identifier for the file.
  • Package ID: this is a unique identifier for a package or a file. One package or file has only one Package ID.

Deleting Packages and Files

The following actions are used to delete packages.

Delete

To delete a package or file, do the following:

  1. In the Packages List select the package you want to delete.
  2. Click Delete.
  3. Confirm the package deletion.

The next time the maintenance job runs, the files contained with the package are removed from disk.

Delete Package From Channel

To delete a package from a channel, do the following:

  1. In the Packages List select the package you want to delete.
  2. Click Delete Package from Channel. For Media Exchange packages, the Select Channel window is displayed, select the channel from which you want to delete the package.
  3. Confirm the package deletion.

Delete A Package Or File From User

To delete the instances of a package or file from destination users, do the following:

  1. Select a package or file and click Delete Package From User. You cannot multi-select packages.
  2. From the Recipient Name field, choose the user(s) you want to remove from the delivery.

    Select the person who you want to send a package to from the list, or search for the recipient by typing a name or email address into the search field, then clicking the search button (or press the Enter key). Select the user in the search results list and click the Choose button to add this user to the recipients list. If your administrator has configured Media Exchange with Active Directory or LDAP authentication services, a drop-down list appears beside the search field. Choose Local Directory to search for users currently registered in the Signiant Media Exchange database, or Global Directory to search for users in your corporate directory. Select more than one user by using Ctrl+click (for multiple non-consecutive users) or Shift+click (for multiple consecutive users).

    The search returns all users who have a first name, last name or email address that begins with the search term. If the user directories contain multiple entries with the same first name, last name and email address, only one of the users will be displayed. Performing a search of the Global Directory with a blank search field will not return any results, while performing a search with multiple words will result in the use of two search terms. For example, entering "van Gogh" will return results if a first name or last name starts with the search term "van Gogh". Entering "Vincent van Gogh" will return results if a first name starts with "Vincent" and a last name starts with "van Gogh" because the search term is split at the first blank character into separate firstname and lastname search terms.

  3. Click Delete.

 

Viewing Content

The following actions are used to view package details.

View Details

To view details for a selected package or file, select the item in the Packages List and click View Details. To view details for a selected file in a package, select the file and click View Details in the Files region of the dialog.

View Jobs

To view processing activity, select the package or file and click View Jobs to display information for the following:

  • Package Processing Jobs: displays the agent-to-agent jobs associated with the selected Media Exchange package, and includes information about the jobs such as when they were created and by whom, and the state of the job (successful, in error).
  • Uploads: displays upload jobs associated with the selected Media Exchange package, and includes information such as when they were created and by whom, and the state of the job (successful, in error).
  • Downloads: displays download jobs associated with the selected Media Exchange package, and includes information such as when they were created and by whom, and the state of the job (successful, in error).

Media Exchange Channels

This chapter discusses how to configure and manage Media Exchange Channels.

Configuration

To enable Media Exchange channels, do the following:

  1. Navigate to Packages>Channels.
  2. Click the Add button to add a channel or click the Edit button to modify properties for an existing channel.
  3. Specify channel information including the name, associated agent, active dates, and storage.

General

To specify general properties, do the following:

  1. On the General tab, enter the following information:
    • Name: The name of the channel.
    • Agent: The agent associated with the channel,
    • Not available before: The date before which the channel is not available.
    • Expires after: The date after which the channel is no longer available.
    • Package Expires In: Optionally set the time period (from package delivery date) after which the package is no longer available. By default Never is enabled. To configure this expiry date, select the duration from the drop-down menu and type a time period. When a package has expired it is hidden from end users but it is not deleted. Packages with this value configured are not impacted by regularly scheduled maintenance.
    • Store Packages in Agent Repository: Package files are stored in delivery folders under the agent's root Media Exchange repository folder.
    • Store Packages in Directory: If the Create Delivery ID Subdirectory checkbox is checked, package files are stored within defined subdirectory delivery folders based on the package's delivery ID. If it is not checked, package files are stored directly in the root of the storage folder specified. Media Exchange Deliveries to this type of folder may overwrite existing content if files names within the package have previously been delivered to this channel.
    • Create Delivery ID Subdirectory: you can enable this option when Store Packages in Directory is selected. This option allows you to store package files within defined subdirectory delivery folders based on the package's delivery ID.
    • Create Package ID Subdirectory: you can enable this option when Store Packages in Directory is selected. This option allows you to store package files within defined subdirectory delivery folders based on the package's ID.
  2. Click OK.

Permissions

Permissions allow administrators to control user and group access to management objects. Access permissions include Read, Delete, and Publish. By default, all users are able to read and edit their own user properties.

To add permissions, do the following:

  1. Select the Permissions tab.
  2. In the Available Users/Groups list, select the user or groups to add to the Current Permissions list.
  3. Click the appropriate check boxes beside the corresponding permissions.
  4. To remove permissions, in the Current Permissions list, select the user or group you want to remove and click Remove.

Administration

The Packages>Channels view is composed of the following administrative actions:

Add/Edit

see: Configuration

Delete

A root channel cannot be deleted. Once you delete a channel any users subscribed to that channel will no longer have access to it. Any packages in that channel will be removed as part of the Media Exchange Maintenance job.

To delete a channel, follow these steps:

  1. Select a channel and click the Delete action.
  2. Click Yes at the confirmation prompt.

Media Exchange Users

When you enable a user for Media Exchange they are able to use their browser, desktop client or mobile client to exchange content with other users and/or upload and download from their Media Exchange Web server (e.g. https:\\mxserver.acme.com\signiant\mx). Following best practices, users should be made members of users groups and assigned to load-balanced Media Exchange server groups rather than a single Media Exchange server. This will greatly simplify scaling of your Media Exchange system.

By default, enabling a user for Media Exchange makes them a member of the a user group called "Media Exchange Users". In a simple system where you want everyone to see everyone, this default setup is useful. When you have more complex needs (e.g. creating an isolated distribution group, dealing with large and distributed systems) you will need to know more information about how to assign users to agents.

Administrators can manually configure users and guest users to use Media Exchange. If directory services are configured so that the default user group is "Media Exchange Users", Signiant automatically enables users for Media Exchange the first time they log in. New users added to Signiant through the Directory Services menu will also automatically be given 'schedule jobs' access to the selected Media Exchange Agent, if auto-mapping is enabled.

Configuring Media Exchange Users

This section provides details on how to configure both Media Exchange users and guest users.

To configure and enable Media Exchange users and guest users, do the following:

  1. From the Manager, select Administration>Users>List.
  2. Click the Add button from the action bar to create a new user or click the Edit button to modify its properties.
  3. Select the Media Exchange tab.
  4. Media Exchange configuration includes the following steps:

Media Exchange User Access

To give a user access to Media Exchange, do the following:

  1. Navigate to Administration > Users > List.
  2. Click Add to create a new user or click Edit to modify an existing user.
  3. Select the Media Exchange tab and on the General tab, do the following:
    1. Select Media Exchange Enabled.
    2. Specify additional information required for agent browsing, transfer, privileges, and email notification.
      • Agent: The Media Exchange-enabled agent to be associated with the user.
      • Allow Agent Browsing: Check this box to enable a user to browse agent directories.
      • Base Directory: Specify the base directory on the selected agent.
      • Transfer Job Group: Select the job group associated with the user's Media Exchange jobs.
      • Default Upload/Download Profile: A transfer profile is a combination of networking protocols and bandwidth settings used to define a service level for Media Exchange package transfers.
      • Privileges: Place a check in the box beside the appropriate user privilege.
        • Allowed to create guest users (Guest users are external users that are allowed limited access to a Media Exchange network for a specific period, and are created when a registered user enters an email address that does not currently exist in the system. Guest users are automatically added to the Media Exchange Guest Users group when created. Accounts that have never been activated are removed from the system upon 30 days default expiry.)
        • Allowed to send packages
        • Allowed to send packages
        • Allowed to forward packages
        • Allowed to subscribe to automatic delivery to the desktop
      • Notify interested parties when this user receives or downloads packages: Check to enable, and enter the email addresses in the corresponding Email box (semicolon delimited).
  4. Select the Notifications tab to configure user notifications when a user sends and receives a package:
    • In Package User sends enable user notifications when a user sends a package. By default the following options are selected:
      • Have been distributed
      • Notify user of failures
      • Have been downloaded
    • In Package User receives enable user notifications when a user receives a package. By default the following options are selected:
      • Are delivered to user inbox
      • Notify user for specified Channels only
      Expand Channels and select the channels to which you want to subscribe the user. You do not need to select the sub-channels - these are automatically selected once you have saved your changes. Upon opening the Notifications tab a second time, you will see that the sub-channels for all selected channels are selected. When a new sub-channel is added, this is automatically selected for subscription as well. You do not need to continuously update channel subscriptions - this is done automatically for you and your users.
  5. Click OK.

Media Exchange Guest User Access

Guest users are external users that are allowed limited access to a Media Exchange network for a specific period, and are created when a registered user enters an email address that does not currently exist in the system. To enable Media Exchange users to automatically create guest users, do the following:

  1. Navigate to Administration>Users>List, select a user and click Edit.
  2. Select the Media Exchange tab.
  3. In the Privileges region, enable Allowed to create guest users.

    Guest users are automatically added to the Media Exchange Guest Users group when created. Accounts that have never been activated are removed from the system upon 30 days default expiry.


Media Exchange Groups

To configure and enable Media Exchange groups, do the following:

A group is a collection of Media Exchange users. To enable group access, do the following:

  1. Navigate to Administration>Users>Groups.
  2. Click Add to create a new group or click Edit to modify an existing group.
  3. Select the Media Exchange tab.
  4. Enable Media Exchange Enabled.
  5. When Media Exchange Enabled is selected, the Allow to subscribe for automatic delivery to desktop option is made available. By default this option is selected. This option allows you to control what your Media Exchange users have access to. This only applies at the group level.
  6. Click the OK button when complete.

To create a restricted group of users within the same organization who can only see one another, do the following:

  1. Create your users as you would normally, but before saving remove the users from the Media Exchange Users Group.
  2. Create a new user group for these newly-created users and place all of your users in this group.
  3. Give the user group access to the appropriate job template where the workflow they will run is found.
  4. Give the user group access to schedule jobs on the Media Exchange agent that you selected for each user and/or group.
  5. Log on as a new user and send a package to the group.

Media Exchange Agents

To configure and enable Media Exchange agents, select the Media Exchange tab and complete the procedures detailed below.

Note: make sure you have enabled Load Balance Members on the General tab before completing the following procedures.

General

To enable Media Exchange on an Agent Group, do the following on the Media Exchange->General tab:

  1. Enable Enable Package Uploads/Downloads and configure the following:
    • Concurrent Transfers: Specified on Media Exchange Enabled Agents, Aliases or Load Balanced Agent Groups. The number of concurrent uploads and downloads that can be performed. This value can be the number of remaining licenses up to a maximum of 10 per Media Exchange Enabled Agent. If no licenses remain and more concurrent transfers are needed, either redistribute existing licenses from other Media Exchange Enabled Agents or contact Signiant to obtain additional capacity.
    • Package Repository Path: The repository path is the directory where Media Exchange content is stored. When an agent is made part of a load balanced group, the package repository is specified as part of the group, and the path specified as part of the agent is ignored.
    • Upload/Download Transfer Profile: The networking protocols and bandwidth used to define a service level for transfers. Administrators create bandwidth profiles when configuring the Media Exchange network preferences. Select a profile for upload/download or choose System Default Profile.
  2. Click OK.

To enable Media Exchange on an Agent, do the following on the Media Exchange->General tab:

  1. Enable Enable Package Uploads/Downloads and configure the following:
    • Concurrent Transfers: Specified on Media Exchange Enabled Agents, Aliases or Load Balanced Agent Groups. The number of concurrent uploads and downloads that can be performed. This value can be the number of remaining licenses up to a maximum of 10 per Media Exchange Enabled Agent. If no licenses remain and more concurrent transfers are needed, either redistribute existing licenses from other Media Exchange Enabled Agents or contact Signiant to obtain additional capacity.
    • Authentication Web Server: The Authentication Web Server is the Media Exchange Web Server which is used for authentication when performing transfers. This could be either the Signiant Manager or a Media Exchange Web Server that has been installed separately. Media Exchange Servers have to contact the Authentication Web Server on TCP 443 in order to perform SOAP authentication.
    • Package Repository Path: The repository path is the directory where Media Exchange content is stored. When an agent is made part of a load balanced group, the package repository is specified as part of the group, and the path specified as part of the agent is ignored.
    • Upload/Download Transfer Profile: The networking protocols and bandwidth used to define a service level for transfers. Administrators create bandwidth profiles when configuring the Media Exchange network preferences. Select a profile for upload/download or choose System Default Profile.
  2. Enable Provide Web Login to indicate that the server was installed as a Media Exchange Web Server. This will list the server in the Administration/Integrations/Media Exchange view.
  3. Click OK.

Relays

Media Exchange relays define a secure network path used for content transfer between external clients and agents. This hides the path to a Media Exchange user's repository.

Additional benefits are:

  • Make use of private network addressing.
  • Aggregate network ports into a single network port.
  • Define the path between machines that have no name to address resolution (e.g. no DNS).

For example, external users can be relayed through a firewall, while internal users need not be. To exclude the use of relays for internal users, administrators must first configure the internal network profile.

The following diagram provides a simplified view of a common Media Exchange deployment that uses a relay to hide the path to the repository from the Media Exchange user's application view.

First enable Media Exchange on the relay agent with a bogus repository path and then configure the network path on the Media Exchange agent to map to the relay agent.

To configure the relay, do the following:

  1. Select the Relays tab.
  2. To ignore relays for corporate or organizational internal networks, enable Ignore relays for internal networks.
  3. To configure and add an internal network, click Configure. The Network Profiles dialog is displayed. Click Add and type the IP Address, Subnet Mask and an optional Description for the internal network. Click OK.
  4. To use the relay rules defined on the members of that group instead of relay rules defined on that agent group, enable Use Media Exchange relays from member agents This applies to Groups only.
  5. Click Add, and specify the agent to relay traffic to in the Relay Address field.
  6. Click Apply.
Note: If you're using a non-standard port on the Media Exchange enabled agent, you must also configure a regular relay rule on the DMZ agent.
Note: Before deleting Media Exchange-enabled agents that also have Media Exchange users, you must transfer those users to a new agent. Revoking the certificate of an agent containing the package repository of Media Exchange users will cause those users to be misconfigured. This can be especially problematic for guest users. You can search for such users by navigating to Administration>Users>List and filter on Media Exchange Enabled = yes and look for users that do not have an assigned Media Exchange agent. These users should be reconfigured with an appropriate agent.

Media Exchange Customization

You may want to replace the Signiant logo with your own corporate logo to customize the Media Exchange end-user interface. The image file containing your logo must be a .png file, and for best results should be a maximum of 60 pixels in height. Signiant does not resize the image, so a too-large or too-small logo may not display well.

To change the Media Exchange logo that appears in the top left-hand corner of the Media Exchange end-user interface, do the following:

  1. Choose a .png file that is a maximum of 60 pixels high.
  2. Rename the file to "header-logo.png".
  3. Copy the file to:
    <install_dir>/3rdparty/jboss/server/default/deploy/mx.war/
    If mx.war does not exist, create it.
  4. Restart the JBoss server with: <install dir>/init/siginit restart sigjboss

Media Exchange Workflow

Workflow developers may want to modify the default Signiant Media Exchange workflow to customize it for their own needs. The following graphic illustrates the sample Media Exchange Workflow included with the Signiant software:

The following components represent the three distinct parts to the Media Exchange workflow.

  • Send_to_Users_and_Categories: This component is used to start a workflow that is triggered by the Media Exchange application. It specifies the package ID, recipients, and categories, and transport options.
  • PackageDistribute: This component is used to perform the file transfer.
  • PackageDeliver: This component initiates notification that the package has been delivered.

Within the Media Exchange components, there are calls made by those components to create, update, query and perform other Media Exchange operations. For detailed information on Media Exchange Workflow Components, see the documentation accessible from each specific component.

Any user with access to schedule jobs from a Job Template Library that begins with a Media Exchange start component will be able to use this workflow in the Media Exchange interface. Name your Media Exchange start component intuitively, since this name will be displayed in the Media Exchange application if the end-user has access to schedule jobs in the containing job template library.


Media Exchange Deployment

The following section provides examples of Media Exchange deployment options detailing pros and cons for each approach.

A Media Exchange Relay agent (as depicted below) can be used to hide the network path to the Media Exchange content being uploaded or downloaded. A Media Exchange Relay agent acts as a single point of entry into the network and is recommended if all your Media Exchange enabled agents are found on the internal network.

The following diagram illustrates a general deployment architecture.

Due to memory limits for Windows Managers, users should be aware of the following Media Exchange scalability limits:

  • Up to 500 Media Exchange submissions per day
  • Up to 15,000 Media Exchange packages in total
Customers who have more than 300 Media Exchange submissions per day should consider changing the Maintenance job to remove inactive Media Exchange packages more frequently than the default.

Media Exchange Deployment Basic Configuration

The following diagram illustrates a basic Media Exchange configuration with the addition of minimal ports:

Configuration Overview

Install the Manager where it is accessible to remote users and configure both Manager and Agents with default options.

Recommended Use

This configuration can be employed for non-production testing or a minimal effort setup. Media Exchange repository storage must be accessible to the Media Exchange enabled agent in the DMZ.

Pros

  • Easiest to configure.
  • Minimizes port usage.

Cons

  • The Media Exchange server may not have access to content that you wish to make available for download.
  • There is no redundancy - a single point of failure exists for uploads/downloads.
  • The Signiant Media Manager is located in DMZ.

Network Notes (for firewall administration)

  • Allow (src Any) to (dst TCP 443 Manager).
  • Allow (src Any) to (dst TCP 49221 Signiant Agent).
  • Allow (src Any) to (dst UDP 49221 Signiant Agent).
  • Allow (src Any) to (dst TCP 80 Signiant Agent).

Media Exchange Deployment Relayed Configuration

The following diagram illustrates a Media Exchange configuration that uses a relay:

Configuration Overview

Install the Manager and Relay Agent where both are accessible to remote users. Enable the relay agent for Media Exchange. Place the Media Exchange server behind the firewall. Location map the user to mxsrv1.acme.com (users are always mapped to their ultimate destination, even if they cannot see it in any way).

Recommended Use

This configuration can be employed when the Media Exchange repository is behind a firewall and you wish to prevent remote users from knowing the IP address of the internal servers.

Pros

  • Minimizes inbound port usage.
  • Can be used to obscure internal server names. User does not need to know or resolve the Media Exchange server.

Cons

  • There is no redundancy - a single point of failure exists for uploads/downloads.
  • Users require access to Signiant Media Manager.

Network Notes (for firewall administration)

  • Allow (src Any) to (dst TCP 443 Manager).
  • Allow (src Any) to (dst TCP 49221 Media Exchange Relay Agent).
  • Allow (src Any) to (dst UDP 49221 to 49321 Media Exchange Relay Agent).
  • Allow (src Any) to (dst TCP 8080 Media Exchange Relay Agent).
  • Allow (src TCP Any Media Exchange Relay Agent) to (dst TCP 49221 Media Exchange Agent).
  • Allow (src UDP 49221-49321 Media Exchange Relay Agent) to (dst UDP 49221 Media Exchange Agent).
  • Allow (src TCP Any Media Exchange Relay Agent) to (dst TCP 8080 Media Exchange Agent).

Notes

  • An agent that is going to act as a Media Exchange relay must be Media Exchange enabled. This is done by enabling this feature when administering an agent.
  • Media Exchange users who will connect to their Media Exchange server via a relay must be able to resolve the name of the Media Exchange relay by hostname.
  • Media Exchange relay paths are defined on the Media Exchange enabled agent (i.e., the source/target of a Media Exchange client connection).
  • The relay agent can also be specified in the relay rule using its IP address (e.g., 10.0.0.1). A hostname does not need to be provided when defining the relay on the Media Exchange agent.
  • The Media Exchange Relay agent and Media Exchange enabled agent must run their services (e.g., Signiant Process Controller (dds_pc) and HTTP server) on the same ports. If you fail to do this, you must define a relay entry on the Media Exchange enabled relay agent (i.e., the host in the DMZ) to instruct it which IP address/port combination it must use to connect to the Media Exchange enabled agent.

Media Exchange Deployment Relayed - Load Balanced

The following diagram illustrates a basic Media Exchange configuration that uses relays with load-balanced Media Exchange servers:

Configuration Overview

Install the Manager and Relay Agent where both are accessible to remote users. Enable the relay agent for Media Exchange. Place the Media Exchange servers behind the firewall. Install using 'Custom' option and provide a common alias. Location map the user to mxsrv1.acme.com (users are always mapped to their ultimate destination, even if they cannot see it in any way).

Recommended Use

This configuration can be employed for:

  • Simple configurations where content is housed on a shared storage system behind a firewall and all users are remote.
  • Each Media Exchange server can handle 10 concurrent downloads/uploads.
  • Each relay agent can handle 30 relayed connections.

Pros

  • Minimizes inbound port usage.
  • Can be used to obscure internal server names. The end user does not need to know or resolve the Media Exchange server.
  • Provides load balanced access to the content store.

Cons

  • A single relay agent may become overloaded.
  • Users still require access to the Media Manager.

Network Notes (for firewall administration)

  • Allow (src Any) to (dst TCP 443 Manager).
  • Allow (src Any) to (dst TCP 49221 Media Exchange Relay Agent).
  • Allow (src Any) to (dst UDP 49221 to 49321 Media Exchange Relay Agent).
  • Allow (src Any) to (dst TCP 8080 Media Exchange Relay Agent).
  • Allow (src TCP Any Media Exchange Relay Agent) to (dst TCP 49221 Media Exchange Agents).
  • Allow (src UDP 49221-49321 Media Exchange Relay Agent) to (dst UDP 49221 Media Exchange Agents).
  • Allow (src TCP Any Media Exchange Relay Agent) to (dst TCP 8080 Media Exchange Agents).

Notes

  • An agent that is going to act as a Media Exchange relay must be Media Exchange enabled. This is done by enabling this feature when administering an agent.
  • Media Exchange users who will connect to their Media Exchange server via a relay must be able to resolve the name of the Media Exchange relay by hostname.
  • Media Exchange relay paths are defined on the Media Exchange enabled agent (i.e., the source/target of a Media Exchange client connection).
  • The relay agent can also be specified in the relay rule using its IP address (e.g., 10.0.0.1). A hostname does not need to be provided when defining the relay on the Media Exchange agent.
  • The Media Exchange Relay agent and Media Exchange enabled agent must run their services (e.g., Signiant Process Controller (dds_pc) and HTTP server) on the same ports. If you fail to do this, you must define a relay entry on the Media Exchange enabled relay agent (i.e., the host in the DMZ) to instruct it which IP address/port combination it must use to connect to the Media Exchange enabled agent.

Media Exchange Deployment Relayed - Multiple Relay

The following diagram illustrates a basic Media Exchange configuration that uses relays with load-balanced Media Exchange servers accessed via Signiant load-balanced relays:

Configuration Overview

Install the Manager and Relay Agent where they are both accessible to remote users. Enable the relay agent for Media Exchange. Place the Media Exchange servers behind the firewall. Install using the 'Custom' option and provide a common alias. Location map the user to mxsrv1.acme.com (users are always mapped to their ultimate destination, even if they cannot see it in any way).

Recommended Use

This configuration can be employed for:

  • Simple configurations where content is housed on a shared storage system behind a firewall and all users are remote.
  • Each Media Exchange server can handle 10 concurrent downloads/uploads.
  • Each relay agent can handle 30 relayed connections.

Pros

  • Minimizes inbound port usage.
  • Can be used to obscure internal server names. A user does not need to know or resolve the Media Exchange server.
  • Provides load balanced access to the content store.

Cons

  • Users require access to Signiant Media Manager.

Network Notes (for firewall administration)

  • Allow (src Any) to (dst TCP 443 Manager).
  • Allow (src Any) to (dst TCP 49221 Media Exchange Relay Agent).
  • Allow (src Any) to (dst UDP 49221 to 49321 Media Exchange Relay Agent).
  • Allow (src Any) to (dst TCP 8080 Media Exchange Relay Agent).
  • Allow (src TCP Any Media Exchange Relay Agents) to (dst TCP 49221 Media Exchange Agents).
  • Allow (src UDP 49221-49321 Media Exchange Relay Agents) to (dst UDP 49221 Media Exchange Agents).
  • Allow (src TCP Any Media Exchange Relay Agents) to (dst TCP 8080 Media Exchange Agents).

Notes

  • An agent that is going to act as a Media Exchange relay must be Media Exchange enabled. This is done by enabling this feature when administering an agent.
  • Media Exchange users who will connect to their Media Exchange server via a relay must be able to resolve the name of the Media Exchange relay by hostname.
  • Media Exchange relay paths are defined on the Media Exchange enabled agent (i.e., the source/target of a Media Exchange client connection).
  • The relay agent can also be specified in the relay rule using its IP address (e.g., 10.0.0.1). A hostname does not need to be provided when defining the relay on the Media Exchange agent.
  • The Media Exchange Relay agent and Media Exchange enabled agent must run their services (e.g., Signiant Process Controller (dds_pc)and HTTP server) on the same ports. If you fail to do this, you must define a relay entry on the Media Exchange enabled relay agent (i.e., the host in the DMZ) to instruct it which IP address/port combination it must use to connect to the Media Exchange enabled agent.

Media Exchange Deployment Hardware Load-Balancers

This chapter explains how to deploy Media Exchange with hardware load-balancers.

Configuration Overview

If you plan to use Media Exchange with hardware load-balancers (or clustered agents), you will need to perform 'Custom' a installation of the Signiant software in order to create proper aliased hostnames. Additionally, see the topic on setting up Internal Networks for Media Exchange to view additional work that may be needed to configure your load balance properly.

Recommended Use

Use this configuration, for example, if you want to provide load-balanced HTTPS traffic to multiple Media Exchange Web servers in a single location.

Implementation Method

  1. Load balance multiple Media Exchange web servers in the DMZ by using 'sticky HTTP' (Also referred to as "Destination address affinity persistence", which supports TCP and UDP protocols and directs session requests to the same server based solely on the destination IP address of a packet). For more information on load balancing and persistence, refer to http://en.wikipedia.org/wiki/Load_balancing_(computing).
  2. Perform a Custom installation and specify a 'common alias' for each of the Media Exchange Web servers (e.g., mxweb.acme.com). Ensure that this common name is externally resolvable in DNS.

Pros

  • While the common alias is not necessary for persistence, it is a recommended approach as it will also allow you to leverage load-balanced (round-robin) DNS without any future changes to server names. For more information, refer to http://en.wikipedia.org/wiki/Round_robin_DNS.

Media Exchange Deployment Highest Scaling

The following diagram illustrates a Media Exchange configuration that uses all the Signiant Media Exchange features to provide the highest availability solution:

Configuration Overview

Install the Signiant Manager in a clustered (high availability (HA)) configuration in the internal network. Install Media Exchange Web Server and Relay Agents accessible to remote users in the DMZ. Install an internal Media Exchange Web server (both Media Exchange Web servers should be installed using the 'Custom' option and configured with matching alias names). Enable the relay agents for Media Exchange. Load balance the Media Exchange Relay agents. Place the Media Exchange servers behind the firewall in a load balanced group. Assign users to the load balanced group (mxservers.acme.com).

Recommended Use

This configuration can be employed in highest scalability and performance environments.

Pros

  • Minimizes inbound port usage.
  • Can be used to obscure internal server names. The end user does not need to know or resolve the Media Exchange server.
  • Provides load-balanced access to relays and content storage.

Cons

  • External user content is placed directly onto internal servers (this can be avoided by assigning external users to Media Exchange agents in the DMZ and creating customized processes to pull this DMZ-delivered content into the internal network. Alternatively, the Signiant Media Exchange Gateway application can be used to automate this process).
  • More complex setup is needed to direct users (via DNS) to internal or external Media Exchange web servers depending on where they are being originated.

Network Notes (for firewall administration)

  • Allow 443 from user to Media Exchange Web server.
  • Allow (src Any) to (dst TCP 49221 Media Exchange Relay Agent).
  • Allow (src Any) to (dst UDP 49221 to 49321 Media Exchange Relay Agent).
  • Allow (src Any) to (dst TCP 8080 Media Exchange Relay Agent).
  • Allow (src TCP Any Media Exchange Relay Agent) to (dst TCP 49221 Media Exchange Agent).
  • Allow (src UDP 49221-49321 Media Exchange Relay Agent) to (dst UDP 49221 Media Exchange Agent).
  • Allow (src TCP Any Media Exchange Relay Agent) to (dst TCP 8080 Media Exchange Agent).
  • Allow (src Media Exchange Web server) to (dst 49226-49233 Media Exchange Manager) .

Notes

  • An agent that is going to act as a Media Exchange relay must be Media Exchange enabled. This is done by enabling this feature when administering an agent.
  • Media Exchange users who will connect to their Media Exchange server via a relay must be able to resolve the name of the Media Exchange relay by hostname.
  • Media Exchange relay paths are defined on the Media Exchange enabled agent (i.e., the source/target of a Media Exchange client connection).
  • The relay agent can also be specified in the relay rule using its IP address (e.g., 10.0.0.1). A hostname does not need to be provided when defining the relay on the Media Exchange agent.
  • The Media Exchange Relay agent and Media Exchange enabled agent must run their services (e.g., Signiant Process Controller (dds_pc) and HTTP server) on the same ports. If you fail to do this, you must define a relay entry on the Media Exchange enabled relay agent (i.e., the host in the DMZ) to instruct it which IP address/port combination it must use to connect to the Media Exchange enabled agent.