Architecture

A single instance of Central Governance can be deployed on one computer per network. The system supports active-passive resiliency in a clustering environment to bring another instance of Central Governance online if the primary fails. The following illustrates the architecture.

The following provides a high-level description of the Central Governance nodes. A node represents processes that deliver one or more services.

Core services

Supports the Central Governance graphical user interface, identity management and management of all functions related to product configuration and flow definition.

Access and security

Provides a role-based access control model for the product and flow governance. It manages authentication and permissions Transfer CFT users that are registered with Central Governance. Optionally, it can integrate with an LDAP server for externally managed users and their credentials, while authorization is based on role mapping.

The service also manages certificate generation for Transfer CFT and flow certificate distribution across managed products.

Agent

Supervises all Central Governance nodes. The main entry point of Central Governance, it starts, stops, and monitors nodes. The agent also deploys configurations and applies updates.

If a node fails and the status changes to crashed, the Agent will try to restart it. If the node cannot be restarted, the Agent stops all the other nodes, and the status of Central Governance changes to crashed.

Additionally, there is the Transfer CFT connector, a plugin used as a proxy to connect to local or remote Transfer CFTs. Central Governance can communicate with few or many Transfer CFTs.

This version of Central Governance is compatible with Transfer CFT 3.1.3 and higher, and SecureTransport 5.3.6 and higher.

Transfer CFT support includes the following operating systems: UNIX, Windows, IBM i (OS/400), HP NonStop, and z/OS (MVS). As a reminder, OpenVMS is not supported.

Central Governance has an embedded database for internal storage, which is a NoSQL MongoDB database for Central Governance configuration data, including policies, flows and partner definitions.

 

Central Governance | Document Directory

Related Links