For using EBF Files with a server several requirements have to be met, discussed in detail in these subchapters.
If you want to use EBF Files in serverless mode, you just need to make sure, that the OneDrive and Sharepoint resources can be reached from the device, either as Cloud service or On-Premise using a VPN connection.
The solution requires a database for EBF Files server configuration data. The following database systems are supported:
- MySQL / MariaDB (Version 8 and up)
- Microsoft SQL-Server (Version 2016 and up)
Since the system must be accessible via the internet, appropriate firewall approvals are required. The following table lists the required approvals for the respective components. The use of the UEM system MobileIron as well as connection to a Microsoft SQL Server is assumed here as an example. It is recommended to adapt the port definitions to the conditions of the used database system.
|SOURCE SYSTEM||SOURCE DMZ||SOURCE
|TARGET SYSTEM||TARGET DMZ||TARGET
|Loadbalancer||Internet||443||AppTunnel Sentry Pair||DMZ Backend||443||HTTPS|
|AppTunnel Sentry||DMZ Backend||443||Loadbalancer||DMZ Backend / Frontend||443||HTTPS|
|Loadbalancer||DMZ Backend / Frontend||443||EBF Files Server||Intranet||80||HTTP|
|EBF Files Server||Intranet||443||Loadbalancer DMZ Backend / Frontend||DMZ Frontend||443||HTTPS|
|Loadbalancer||DMZ Backend / Frontend||443||Core Failover Pair||DMZ Frontend||443||HTTPS|
|EBF Files Server||Intranet||1433||MS SQL DB Cluster||Intranet||1433||TCP|
|EBF Files Server||Intranet||389/ 636||LDAP AD Server||Intranet||389/ 636||TCP|
|EBF Files Server||Intranet||139/ 445||SMB File Server||Intranet||139/ 445||TCP|
|EBF Files Server||Intranet||137/ 138||SMB File Server||Intranet||137/ 138||UDP|
The server application can be delivered as an appliance providing necessary ISO images for installation on Linux-based servers. The ISO images required for the appliance system installations can be provided by EBF for download over the internet. Alternatively EBF can provide the corresponding Docker images or JAR/WAR for installation in existing systems. The procedures for each are detailed in the installation chapter.
The following specifications are recommended for EBF Files server installation. The appliances are usually virtual machines (from VMware or other VM providers) and are based on CentOS 7 x64 Linux distribution.
|CPU||min. 4 Cores|
High-availability (HA) is usually achieved integrating load-balancing by means of a ‘round-robin’ load distribution within the active proxies and underlying file servers.
To secure the communication SSL certificates are required, issued to the server names and in iOS-compatible and/or Android-compatible format. Depending on the implementation, these certificates must be stored directly on the server systems or alternatively on the load balancer system (SSL-offloading).
Roles and Permissions
Admin User Roles
Technical users with the described rights/roles are required in the following systems to operate EBF Files:
|EBF Files Server||root||Root Access for LINUX Appliance for configuration of Files Servers|
|EBF Files Server Admin UI||SuperAdmin||Create Tenant|
|EBF Files Server Admin UI||Admin||Create File Containers|
|Database Server||EBF Files DB Admin||EBF Files Server Configuration|
For the authorization management within the EBF Files server, a user account with read access is required for each file server system to connect to the corresponding LDAP/Active Directory.