Hybrid Connectivity

A TIBCO Cloud™ Integration - Hybrid Agent can establish a tunnel connection to a given app running on TIBCO Cloud Integration. In TIBCO Cloud Integration, you can configure an app to use the tunnel to connect to on-premises resources.

With the TIBCO Cloud Integration - Hybrid Agent, on-premises services, such as JDBC, FTP, or JMS, can be used by TIBCO Cloud Integration apps. The TIBCO Cloud Integration - Hybrid Agent does not require exposing your database or service as a public Internet service, so there are no open ports on your side.

TIBCO Cloud Integration - Hybrid Agent uses the secure Websocket protocol (WSS on top of TLS) as the transport layer between on-premises resources and TIBCO Cloud™. The connection is initiated over HTTPS/WSS using TLS encryption. Once established, the TIBCO Cloud Integration - Hybrid Agent uses a proprietary protocol on top of a secure Websocket connection, ensuring that the caller is authenticated.

TIBCO Cloud Integration - Hybrid Agent Advantages

The TIBCO Cloud Integration - Hybrid Agent architecture provides a number of key advantages over VPN connectivity:

• You can connect to only on-premises or private cloud (private virtual network on the cloud) resources explicitly specified on the TIBCO Cloud Integration - Hybrid Agent command line. No other arbitrary on-premises resources can be accessed from TIBCO Cloud Integration. With VPN connectivity, whatever is exposed by the VPN server is exposed to TIBCO Cloud Integration.
• You do not need service account credentials to run the TIBCO Cloud Integration - Hybrid Agent. For VPN connectivity, you have to add the corporate network VPN information and credentials to TIBCO Cloud Integration. The TIBCO Cloud Integration - Hybrid Agent has more granular authentication requirements than VPN.
• The TIBCO Cloud Integration - Hybrid Agent enables secure communications without the need for you to open ports in your firewall.
• The TIBCO Cloud Integration - Hybrid Agent is lightweight, easy to install, and easy to configure with minimal technical prerequisites. The download is small.
• The TIBCO Cloud Integration - Hybrid Agent’s tunnels are isolated from each other. TIBCO Cloud Integration ensures that only containers corresponding to the app associated with the specified tunnel endpoint can access the on-premises resources.
• You can configure a single instance of a TIBCO Cloud Integration - Hybrid Agent to connect to all internal (private) endpoint resources, or use multiple instances of a TIBCO Cloud Integration - Hybrid Agent to connect to each individual resource.

The TIBCO Cloud Integration - Hybrid Agent provides the following operational benefits:

• Application Scaling: If a TIBCO Cloud Integration app with active tunnel connections is scaled down, the tunnel connections for the deleted instances (app docker containers) are automatically terminated. In a similar way, when an app is scaled up, the TIBCO Cloud Integration - Hybrid Agent process automatically discovers the new app instance and creates a new tunnel connection for the new container.
• High Availability (HA): The TIBCO Cloud Integration - Hybrid Agent is designed to work in HA mode. Multiple tunnel connections can be established at the same time by starting multiple TIBCO Cloud Integration - Hybrid Agent processes on different machines or physical locations, and connecting to the same endpoint. When a given on-premises resource is reachable by more than one tunnel, the first tunnel, in the order of connection, is used, and all others are in standby mode, ready to be used if the first tunnel fails.
• Fault Tolerance (FT): When a tunnel connection fails, for example, due to temporary network errors, the TIBCO Cloud Integration - Hybrid Agent process attempts to reconnect every 10 seconds. If the TIBCO Cloud Integration - Hybrid Agent was started in HA mode (see above), the first available standby tunnel becomes the active tunnel. When the initial tunnel connection is reestablished, the new connection becomes a new standby tunnel.