Smart Bridges (Optional)
SmartBridges are secure communication gateways designed to connect distributed network infrastructure to centralized management systems. They primarily serve to:
- Establish encrypted tunnels through corporate firewalls without requiring inbound port openings
- Support Bridge-to-Server (outbound HTTPS connections) and Server-to-Bridge (for specific use cases)
- Enable secure management of devices across multiple network boundaries
- Function as lightweight virtual appliances
- Use unique authentication tokens for secure pairing
ThirdEye supports two modes for the connection of Smart Bridges to the core server:
- Bridge-to-Server
- Server-to-Bridge
All connections are via HTTPS, so wire traffic is encrypted end-to-end.
Server-to-Bridge
This connection mode is primarily useful for internal networks (LAN/WAN) in which there are no intervening firewalls between the core server and the SmartBridge. In this mode, the core server will initiate contact with the SmartBridge; the SmartBridge will never initiate connections to the core server.
If there is a firewall between the SmartBridge and the core server, then a hole must be punched in the firewall to allow ingress (in-bound) HTTPS connection initiation from the core server.
The following diagram shows various scenarios in which firewalls are present in one network, in both networks, or absent.
Connection Token
LogicVein introduces the concept of a Connection Token. This is a unique token is generated for a SmartBridge at the time that the SmartBridge is first configured on the core server.
If a SmartBridge is configured to use Bridge-to-Server mode, then the core server will not accept an in-bound connection from a SmartBridge unless it first presents its unique token. This prevents random or malicious connections to the core server.
If SmartBridge is configured to use Server-to-Bridge mode, users can choose not to use Tokens. However, we recomend using Connection Tokens for security reasons.
SmartBridge Installation
The installation of SmartBridge is almost identical to the installation of the Core Server, the only difference being the files used for the installation.
Example:
Core server file name: lvi-core-2024.03.0-202406180814-appliance.ova
Smart bridge file name: lvi-bridge-2024.03.0-202406180814-appliance.ova
After installation, refer to the Configuring Network Settings for instructions on configuring the network.
Add SmartBridge to Core Server
Register SmartBridge on the core server. After registering SmartBridge, a token will be automatically generated.
- Login to the core server as an Administrator and click [Settings] in the Global Menu.
- Select the [Smart Bridges] category in the left sidebar of the [Server Settings] window, and click the
button to add a new Smart Bridge.
- Enter the name for the Smart Bridge
- Click [Connection].
When you select [Server to Bridge], you have to enter a “Host or IP” address and “Port” for the bridge.
-
Click [OK].
-
Copy token.
The new Smart Bridge will appear in the table, and below the table you will find the Connection Token.
- Click [OK].
Now that SmartBridge is registered with the core server, you need to provide the core server information and token to SmartBridge.
SmartBridge Settings
Set the core server information and token in SmartBridge. SmartBridge does not have a web console, so you will need to use the OVA console.
- Press [4] on the keyboard to select [SmartBridge Direction].
- Enter the values for the following items using the keyboard and press the [Enter] key to proceed.
| Project | Explanation | Keyboard Selction |
|---|---|---|
| Connection Initiation | Connection direction | |
| Connect from Bridge to Server (with token) | [B] | |
| Connect from Server to Bridge (with token) | [S] | |
| Connect from Server to Bridge (without token) | [A] | |
| Hostname or IP address | Core server (ThirdEye) IP address | 192.168.30.19 |
| Port | Core server (ThirdEye) HTTPS port | 443 |
| Token | Token generated during SmartBridge registration |
After the settings are made, the service will be automatically restarted, and you will be returned to the initial screen.
Managing Devices via SmartBridge
When you want to manage devices with SmartBridge, you will use the Network feature, any devices added to that network will be monitored/managed via SmartBridge.
- click [Settings].
- Select the Networks category on the settings dialog and click the button to add a new network.
- Enter a name for your network and select [Smart Bridge] in the “Bridge Host” field.
- Click [OK]
The network has now been added, click [OK] to save the settings.
Once the settings are saved, the network will be added to the top left. Select the added network from the pull-down menu to display a blank table. The devices registered here will be monitored/managed via the selected SmartBridge.
