How does one setup Public Site Server (PSS) and configure an agent collection through the Public Site Server?
The Public Site Server (PSS) requires three different servers, at least two segregated networks, and an open connection to a DMZ or internal server to function properly. The configuration of port forwarding or network routing is beyond the scope of this article. For more information on these topics, please contact your support representative and IT/Network Infrastructure professionals.
This article assumes that the user possesses some familiarity and knowledge of a standard Site Server configuration and Agent installation.
Below is a description of the installation and configuration of eDiscovery (including both Site Servers) utilizing three separate system with two segregated networks as described above. Both the Public and Root site server services must be configured to run using the same identity (i.e., service account). If not using a single service account, collections will not complete successfully.
Internal Network Subnet - 10.2.3.0/24
- eDiscovery Server with Root Site Server (single server install) - 10.2.3.51
- Public Site Server - 10.2.3.52 (internal IP); 22.214.171.124 (external IP)
External Network Subnet - 192.168.2.0/24 (Coffee shop network)
- Agent server - 192.168.2.127
Root Site Server Config
Public Site Server Config
Once the PSS and RSS have been configured properly and are viewable in the Site Server Console (Manage >> Site Server Console), the agent can be installed to check-in with the PSS. If RSS and PSS aren't showing up in the SS Console, try recycling services. Additional troubleshooting of open ports and network firewalls may be necessary.
The agent installation requires an extra argument in order to communicate with a PSS. An agent cannot be pushed to a node and configured for PSS using the eDiscovery platform. Below is the syntax used for the agent to communicate with the PSS from the example above.
MSIEXEC /I "<path>\AccessData Agent (64-bit).msi" CER="<path>\<certificate_name>.crt" PUBSS=126.96.36.199:54545
By default the agent will check-in every 30 min. A collection can now be created to target the agent(s) that have been configured to check-in with the PSS. If the agent falls outside of the Managed Subnets of all other Site Servers, the job will be replicated on the PSS and, when the agent checks-in, it will acquire the job and start the collection.
(Note: Collection jobs that go through the PSS generally take longer than a typical internal collection due to standard internet traffic and network speeds).