Network protocols

Dimensions CM uses the Standard Dimensions Protocol (SDP) to communicate to the system's components. Clients can also connect to a Dimensions CM server using HTTP/S.

Standard Dimensions protocol

Dimensions CM uses the Standard Dimensions Protocol (SDP) that works as follows:

  • Most server components communicate using TCP/IP.

  • Messages sent over such connections are RPC (Remote Procedure Call) style.

  • The caller requests a particular function and sends a number of input parameters.

  • The other end responds with output parameters.

By default, server and agent listen on TCP/IP port 671, but this is configurable. The TCP/IP connection is initiated from the client to the server. If you are setting up a firewall on your network, you must allow incoming connections on that port to the server, and also from the server to agents if required.

When an RPC request or response is large enough, it is automatically compressed by the server to provide low-bandwidth delivery of data. Content in transferred files is also automatically compressed. You can set the level of compression in the Administration Console.

When transferring many files, Dimensions CM reads the file content from the file/storage tier to a memory buffer in the server, compresses the data, and delivers the compressed data buffer to the client. Files are transferred only if they have changed since the client last obtained them. When updating local files to newer versions, delta compression is utilized to further reduce the amount of data to be transferred. This optimization and compression ensures that Dimensions CM performs well over a slow WAN.

Back to top

Secure standard Dimensions protocol

Secure Standard Dimensions Protocol (SSDP) is identical to SDP. All data sent over the wire is Secure Socket Layer (SSL) encrypted.

We recommend that you configure Dimensions CM to use SSDP if your network traffic travels over a public network link. Encryption is provided using TLS version 3.1 with the following cipher suite:

TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA

The encryption is performed using the OpenSSL API (http://www.openssl.org). Diffie–Hellman key agreement using ephemeral keying (key exchange via a temporary key) is employed to encrypt the traffic using a customer-provided certificate. We recommend a 1024 bit key, which can be configured by your Dimensions CM administrator.

Back to top

Dimensions CM server HTTP connector

HTTP may be required for security reasons or for compatibility with network infrastructure such as proxies and firewalls. This is particularly true where the connection between a Dimensions CM server and clients goes over a public or virtual private network.

The Dimensions CM Server HTTP Connector allows clients to connect to a server using the HTTP or HTTPS network protocol instead of the default Standard Dimensions Protocol. The connector accepts network connections using HTTP/S and forwards the traffic to the server.

Back to top

See also: