The Kore.ai Connector is an agent that runs behind your bots firewall within your company Intranet or perimeter network (DMZ) to provide secure data exchange between Kore.ai which operates in the cloud and your on-premises applications.
In the following diagram, end-users configure a Kore.ai Bot that connects to Kore.ai in the cloud. The Kore.ai Bot servers (5) contact the Kore.ai Connector Gateway (2) with the Bot request. The Kore.ai Connector Gateway relays the request to the Kore.ai Connector (3) installed and securely configured in your on-premises Intranet or DMZ to interact with your bots applications. The response from your applications is sent through the Kore.ai Connector back out to the Kore.ai cloud, and processed. Optionally, you can enable your on-premises applications to push data, for example, alert messages, to the Kore.ai cloud using webhooks.
How it Works
After you install the Kore.ai Connector in your network, you configure the agent with details to specifically access, communicate, and request or post data to the bots application you define.
When started, the Kore.ai Connector Agent initiates a persistent SSL connection with Kore.ai and monitors requests for data transfer to or from your bots applications and Kore.ai. If the persistent connection is broken, the Kore.ai Connector automatically attempts to reestablish communication. You can monitor connectivity directly in the Bots Admin console.
Kore.ai Connector Features
The Kore.ai Connector is a versatile, robust, and stand alone application designed to integrate using a variety of security protocols and standards.
- Kore.ai Connector-initiated a persistent connection to the Kore.ai Gateway – A Transport Layer Security (TLS) tunnel connection is established between the Kore.ai Gateway (integrated with the Kore.ai Bot server) and the Kore.ai Connector Agent after successful mutual trust is established. The persistent connection utilizes TLS to send payloads. HTTP/HTTPS requests and responses can be multiplexed to allow a client to make multiple requests for efficient use of the tunnel connection.
- Automatic re-connectivity to the Kore.ai Gateway – The Kore.ai Connector Agent maintains a persistent connection with the Kore.ai Gateway. However, if there is network connectivity failure for any reason, including application server restart, the Kore.ai Connector re-establishes a new connection automatically.
- Audit logging of inbound traffic for traceability – The Kore.ai Connector initiates and maintains a persistent channel for communication with Kore.ai Bot server to capture any request from the Kore.ai Bot server in this channel and then logs a corresponding audit entry in a log file on your application server.
- Audit logging of configuration changes – The Kore.ai Connector Agent writes an audit log entry whenever an administrator changes any critical configuration settings, such as virtual mappings, allowed resources, and so forth.
- Scalable to handle load requests – The Kore.ai Connector Agent starts in cluster mode with the number of workers equivalent to the number of CPUs.
- Mutual trust relation with Kore.ai Bot server based on X.509 certificates – To establish TLS communication between the Kore.ai Connector Agent and the Kore.ai Gateway, mutual authentication is required using Kore.ai Gateway issued X.509 certificates to the Kore.ai Connector Agent.
- Access control for on-premises application using virtual hosts – The Kore.ai Connector administrator can specify a virtual hostname and port for a on-premises system accessed by the Kore.ai Connector Agent. By specifying virtual hosts mapping, internal physical host information is not exposed publicly.
- Access control for allowed resources – In addition host and port definitions, the Kore.ai Connector Agent can optionally specify resources, or paths allowed to be invoked on that host. Using a whitelist for access control, only explicitly defined resources can be accessed.
- Secure access to on-premises applications without changing corporate firewall – The Kore.ai Connector Agent can be installed in the DMZ or in an inner network zone without changes to an external firewall provided port 80 and 443 are open.
Now that you are familiar with the Kore.ai Connector, you are ready to begin installation. For more information, see Installing the Kore.ai Connector Agent.