Internal Site Connector

You can change how Verify Privilege Vault processes messages by navigating to Admin > See All and selecting Networking.

Messages are generated and placed on the internal site connector, or backbone bus, every time a background operation is triggered whether by a schedule or on-demand.

The internal site connector receives and processes messages as a result of numerous actions:

Bulk Operations
Generate Password
Secret Import (CSV and XML)
Run Heartbeat Now
Run Heartbeat (Scheduled)
Run Password Change Now
Run Password Change (Scheduled)
Run Discovery Now
Run Discovery (Scheduled)
Run AD Sync Now
Run AD Sync (Scheduled)
Elements of Session Recording

The internal site connector, using the internal hosted bus, is adequate for bulk operations, heartbeat, discovery, and the like, but some Verify Privilege Vault features, such as a clustered Web server node configuration or session recording, require a scalable messaging solution to boost processing performance. Our choice is RabbitMQ, which is an intermediary messaging broker that can handle large-scale message processing.

For the highest scalability and reliability, IBM Security recommends using RabbitMQ. MemoryMQ is an easier but less capable alternative and can be used for trials and proof of concepts but should not be used for production environments. Two exceptions are very small deployments and customers that do not use open-source software for compliance reasons.

The following is a typical internal hosted bus operation (for a bulk operation):

A Verify Privilege Vault user triggers the a bulk operation.
A message is formed and sent over a TCP connection to the internal hosted bus.
Verify Privilege Vault (on the same machine) receives the message.
Verify Privilege Vault (on the same machine) processes the message.

We continually improve the internal hosted bus but still recommend RabbitMQ for a scalable performance boost. See Installing RabbitMQ for more information.