Secure Gateway

Secure gateway provides an intermediate connection between the gateway client and BigFix AEX through which users can query the clients which would be installed on customer sites on an encrypted connection. This is required for connecting with application which reside on premise or are not exposed to the internet and need to communicate with a BigFix AEX tenant through APIs. The gateway also has a server for serving updates to client apps and uploading new client builds.

1. The secure gateway client should be downloaded and installed on the relay server which will host the gateway.

1. To download the Gateway Client, go to your tenant’s integration page and open the connector for gateway and click on Download Client Application. After that, the download page for the Gateway Client will open in a new tab and you can download the latest build of the client.

1. Open the configuration page for the secure gateway, click on generate new key and then click on Download Gateway Application to download the client. Copy the newly generated key.

1. On clicking the download button mentioned in the previous point, you will be redirected to the download page, which will provide the link for the latest stable executable installer for Windows. (Only applicable for Windows machine)

1. Open the downloaded executable and it will install the application in your system. When the installation is finished, the app will start up and will show the following page:

1. Paste the key generated in step 3 in the product key input to activate the application. Once the key is entered, click on Verify button to activate the client. On activation, you’ll see the following screen.
2. The endpoint table which will show all the endpoints that will be added to the application.

1. To add a new end point or an application to connect with, click on New Endpoint on the top of the screen to open the endpoint form.

1. Based on the application, API, and access type, you can choose the Authorization type for the endpoint from the dropdown. The currently supported auth types are SCCM, Basic Auth, API Key and Bearer Token. As for the API method, GET, POST, PUT and DELETE methods are available. After the credentials are entered, click on Add Endpoint to add it.

1. The endpoint table will look like follows after an endpoint has been added. The table also shows the unique Endpoint ID created for the endpoint which will be used to relay requests to the client since the endpoint credentials are not meant to be leave the customer environment.

1. You can also edit the endpoint details or delete the endpoint itself using the two icons under the Actions column for each added endpoint.

1. If you add an endpoint with SCCM credentials, you’ll also get icon besides the auth type under Authorization column which will have the scripts that can be executed for that SCCM client.

1. SCCM activities and queries are triggered using specific scripts. A copy of these out of the box scripts is created whenever a new SCCM endpoint is created. To view these scripts, click on the open scripts icon.

1. Although these scripts work out of the box, customers can make changes to these copies of scripts for this endpoint based on their configuration. To do this, click on the edit icon for any script and you’ll be shown a modal where you can edit the scripts:

1. For updating the gateway client, you’ll find the Auto Update toggle on the top bar, which you can enable so that latest version of the Gateway Client. You can click on the red cross icon to minimize the application to the tray.

1. Auto Updates can also be toggled via the tray icon: