Communication Between Trusted Agent and Private Resources
The connections between Trusted Agents and the private resources they access are typically short-lived and use the communication protocol appropriate for the target private resource type.
For example, when a Trusted Agent receives a request from a Trusted Agent Hub to verify an LDAP user account, that request includes the LDAP directory connection information configured in CSM Administrator. The Trusted Agent uses this connection information to open a direct LDAP connection to the LDAP directory and issues LDAP queries to verify the user account. When the verification is complete, the Trusted Agent disconnects from the LDAP directory and returns the result of the user verification operation to the Trusted Agent Hub for delivery to the requesting CSM service or application.
The connection between a Trusted Agent and a private resource should typically occur over a private local network to reduce latency. As with any other direct connection to a secure resource, consider using secure LDAP and encrypted database communications to protect the sensitive information that flows between these two components on the private network.
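One way to check directory connection settings for the secure LDAP recommendation above before an agent uses them. This is an added example, not code from CSM or the Trusted Agent; the setting key names, host names and function names are hypothetical, and the sample data is constructed.

```python
import socket
import ssl
from urllib.parse import urlsplit

# Constructed sample settings; the key names are hypothetical, not CSM's schema.
SAMPLE_DIRECTORIES = [
    {"name": "hq-ad", "url": "ldaps://dc01.corp.example:636", "start_tls": False},
    {"name": "lab-ldap", "url": "ldap://ldap.lab.example:389", "start_tls": True},
    {"name": "legacy", "url": "ldap://old-dc.corp.example", "start_tls": False},
]

def classify_ldap_transport(url, start_tls=False):
    """Return 'ldaps', 'starttls' or 'cleartext' for a directory URL."""
    scheme = urlsplit(url).scheme.lower()
    if scheme == "ldaps":
        return "ldaps"
    if scheme == "ldap":
        return "starttls" if start_tls else "cleartext"
    raise ValueError(f"not an LDAP URL: {url!r}")

def cleartext_directories(directories):
    """Names of entries whose binds and queries would cross the network unencrypted."""
    return [d["name"] for d in directories
            if classify_ldap_transport(d["url"], d.get("start_tls", False)) == "cleartext"]

def strict_tls_context(ca_file=None):
    """TLS client context: certificate and host name verified, TLS 1.2 or newer."""
    ctx = ssl.create_default_context(cafile=ca_file)  # CERT_REQUIRED + check_hostname
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

def probe_ldaps(url, ca_file=None, timeout=5.0):
    """Short-lived check: TLS handshake with the directory, report, disconnect."""
    if classify_ldap_transport(url) != "ldaps":
        raise ValueError("probe only supports ldaps:// URLs")
    parts = urlsplit(url)
    host, port = parts.hostname, parts.port or 636
    with socket.create_connection((host, port), timeout=timeout) as raw:
        # Handshake fails here if the certificate chain or host name is invalid.
        with strict_tls_context(ca_file).wrap_socket(raw, server_hostname=host) as tls:
            return {"host": host, "port": port,
                    "tls_version": tls.version(), "cipher": tls.cipher()[0]}

if __name__ == "__main__":
    for name in cleartext_directories(SAMPLE_DIRECTORIES):
        print(f"{name}: LDAP traffic is not encrypted")
```

`probe_ldaps` needs network access to a real directory; pass the internal CA bundle as `ca_file` when the directory certificate is issued by a private CA.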