Merge branch 'newbranchfirewall' into 'master'

Firewall Expectations See merge request !57

Merge branch 'newbranchfirewall' into 'master'
5c813037 · SAM CARPENTER · c0b72e50 · 1df21528 · 5c813037 · 5c813037
Commit 5c813037 authored 2 years ago by SAM CARPENTER
--- a/README.md
+++ b/README.md
@@ -10,7 +10,7 @@
 * [On-Boarding to IICS](./docs/on-boarding-to-iics.md)
 * [Logging in](./docs/logging-in.md)
 * [Training](./docs/training/training.md)
-* [Best Practices And Recommendations](./docs/best-practices/)
+* [Best Practices And Recommendations](./docs/best-practices/README.md)
 * [Integration Tutorials](./docs/tutorials/README.md)
 * [Secure Agents](./docs/secure-agent.md)
 * [Shared Orgs and Sub Orgs](./docs/shared-org-vs-sub-org.md)

--- a/docs/best-practices/README.md
+++ b/docs/best-practices/README.md
@@ -2,9 +2,10 @@
 Here are some recommended best practices for designing and working with integrations in IICS.
-* [Working In a Shared Environment](best-practices/shared-environment.md)
+* [Working In a Shared Environment](docs/best-practices/shared-environment.md)
-* [Naming Conventions](best-practices/naming.md)
+* [Naming Conventions](docs/best-practices/naming.md)
-* [AWS S3 as a Flat file alternative](best-practices/flat-file-alternative.md)
+* [AWS S3 as a Flat file alternative](docs/best-practices/flat-file-alternative.md)
-* [Cloud Data Integration (CDI) vs. Cloud Application Integration (CAI)](best-practices/cai-vs-cdi.md)
+* [Cloud Data Integration (CDI) vs. Cloud Application Integration (CAI)](docs/best-practices/cai-vs-cdi.md)
-* [Migrating Assets between Organizations](best-practices/asset-migration.md)
+* [Migrating Assets between Organizations](docs/best-practices/asset-migration.md)
-* [Email Alerting](best-practices/email-alerting.md)
+* [Email Alerting](docs/best-practices/email-alerting.md)
+* [Firewall Expectations](docs/best-practices/firewallexpectation.md)
--- a/docs/best-practices/firewallexpectation.md
+++ b/docs/best-practices/firewallexpectation.md
+# Firewall Expectations
+For a database to successfully be accessed by IICS, it must first accept connections from the IICS Secure Agent. If the database has a firewall associated with it, then any attempt at connecting without altering the firewall will most likely result in an error (only providing the vague error message of ‘Connection Refused’ within IICS).
+For connection to be successful, the database admin must edit the firewall to allow communications from the Secure Agent through. There are two secure agents running under the label ei.secureagent.wisc.edu - one for the test organization, and one for production - and each one has a separate IP address. These addresses are listed below.
+|Organization|IP|
+|:-------|:---------------|
+|test | 3.230.240.5 |
+|production | 3.19.12.147 |
+Once the connection in IICS and the firewall rules in the database are set up, they can easily be tested by using the ‘test connection’ button in IICS. If the connection is unsuccessful, it is recommended you double-check the connection properties within IICS, and check the firewall traffic in the database to make sure no connection attempts are being blocked.
+Note that there is an additional layer of firewalls contained within edge routers that encompasses all inbound traffic to the UW system. When using certain ports (notably 1433), the traffic will be blocked by the edge router. If you have determined this might be the case, you should contact the Integration Team at integration-platform@doit.wisc.edu for support.