System Architecture

Send-It Confidential is most commonly deployed using a 3 tier J2EE architecture. This deployment was used on our secure server to deliver Send-It Confidential as a SAS (Software as a Service) model. Currently OC4J and Glassfish v3 are supported and additional application server support is planned.

Communication between Send-It Confidential and the message Server

Send-It Confidential passes ODBC commands to an internal data marshaling module which converts them to an HTTP stream and posts to the message server. The web server identifies the stream is addressed to the application server and passes it through a firewall to the application server. A servlet on the application server unpacks the stream, converts it to JDBC and runs the JDBC commands against the Cache DBMS. Returning data follows the same process in reverse.

The Send-It Confidential client uses Port 80 to connect to the Web Server. A different port is used between the application server and the database server. A firewall with protocol blocking is placed between each tier level. Performance is exceptional - downloads are commonly 20% faster than FTP.

Deployment

Send-It Confidential is never installed. It's a virtualized application with its own on board registry, virtual file system and embedded .NET 3.5 SP1 framework.  The entire system sits in a single directory which can be dropped onto a drive and is immediately ready to run. This removes all obstacles from UAC and means that deployment doesn't require administrator privileges. To uninstall the system, just delete the directory and it is completely removed from the host system. Nothing is left behind.

Mirroring

Using Intersystems Cache database 'mirroring' technology the system can use IP switching to maintain up time when a server is taken offline for maintenance or in the case of hardware failure.

Data Center Security

All data stored within the Cache database is stored encrypted and is encrypted again by the Cache database engine with a completely separate and unique encryption key. System administrators have no access to messages, nor do staff at the data center. The only access to messages is through the Send-It Confidential application and all access can be monitored by message senders.

Send-It Confidential Stand Alone Deployments

Deploying the system onto your infrastructure is simple. Regardless of the size of the deployment, the set up of the server will take around 30 minutes.

Send-It Confidential clients don't need to be individually configured to connect to the Send-It Confidential Server. The system administrator creates an encrypted script containing connection information, which is distributed with the Send-It Confidential client software. If multiple connections are needed, these can be set up before the software is distributed, or scripts can be imported at the login prompt.