External Vendor Interfaces

This topic is only applicable to on-premises installations.

Third party vendors use an external vendor interface to Archer to import data into a customer's environment, which open using 1 of the following methods:

Each method has distinct advantages and disadvantages.

For preventative maintenance, it is recommended to implement the reverse proxy option because it provides the cleanest, least-complicated solution, and requires only HTTP/HTTPS traffic to traverse the firewall.

On this page

Reverse proxy

A reverse proxy server sits behind the firewall in a private network and directs client requests to the appropriate back end server. The reverse proxy method provides an external interface for users outside the trusted network, and ensures the smooth flow of network traffic between clients and servers.

The following table describes the advantages and disadvantages of a reverse proxy server.

Advantages

Disadvantages
  • Lightweight
  • Does not allow direct access to Archer servers
  • Benefits from all flexibility and features present in Archer
  • Integrated access control and authentication mechanisms
  • Requires a firewall rule for HTTP/HTTPS traffic to pass from the external proxy server to the inside server
  • May require some further security configuration changes if using Single Sign-On

The proxy then routes those requests to the internal server environment as shown in the following diagram.

Download the source file of the diagram here: Platform - Reverse Proxy Diagram

Reverse Proxy Flow Diagram

Direct mapping in a single environment method

The direct mapping in a single environment method configures Archer to be accessible to both external and internal users, either in an internal, trusted environment, or in the Demilitarized Zone (DMZ).

The advantages of the direct mapping in a single environment method are as follows:

  • Lightweight

  • Better availability, since establishing an HA environment applies to all users, regardless of source

  • Benefits from all flexibility and features present in Archer

  • Integrated access control and authentication mechanisms

The disadvantage of this method is that it creates security concerns because vendors have direct access to environment.

The following diagram illustrates an external vendor interface in a direct mapping in a single environment.

Download the source file of the diagram here: Platform - Direct Mapping in a Single Environment Diagram

External Vendor Direct Mapping Interface

Custom web forms method

The custom web forms method creates a custom web form that runs on an external Web Server. There is no database back end. When a vendor submits the form, Web Services API sends the data to the internal instance.

The advantages of the custom web forms method are as follows:

  • Lightweight

  • Secure; only 1 open port necessary to allow the external server to communicate with the Web Services API on the internal instance

The disadvantages of the custom web forms method are as follows:

  • Lacks benefits from the Archer access control

  • Lacks benefits of the Archer feature set

  • Challenging authentication

  • Requires custom integration code

  • Intermediate saves not allowed before final form submission

  • Requires code modifications to change external static form

  • Requires special provisions for file attachments

The following diagram illustrates an external vendor interface in a custom web forms environment.

Download the source file of the diagram here: Platform - Custom Web Forms Method Diagram

External Vendor Interface Custom Webforms Diagram

2 Separate Environments method

The 2 separate environments method runs 2 independent Archer environments with separate SQL databases. Vendors interact only with the external instance, and the instance transfers that information to the internal instance of Archer.

Data transfer methods include:

  • Manual data export, import, or both
  • Automated submission upon record save
  • Scheduled synchronizations

    Note: Both automated submission upon record save and scheduled synchronizations require an ArcherProfessional Services engagement to create the custom data transportation component.

The advantages of the custom web forms method are as follows:

  • Highly secure (when using manual data export/import) to reasonably secure (automated submission and scheduled synchronizations require only a single port)

  • Draft stages available

  • Benefits from all Archer features

  • Integrated access control and authentication mechanisms

The disadvantages of the custom web forms method are as follows:

  • Requires custom code for the sync component or a user to manually export and import data

  • Requires more robust external hardware and requires a SQL database

  • Requires special provisions for file attachments

The following diagram illustrates an external vendor interface in 2 separate environments.

Download the source file of the diagram here: Platform - Two Separate Environments Method Diagram

External Vendor Interface in 2 Environments Diagram