Security from Data Action to Private Back End

David_Fradejas · September 19, 2024, 8:15am

Hi Experts.

We are working on the migration of a large Engage customer to Genesys Cloud.

One of the biggest challenges we are facing is the ability to consume the client web services (back end) that are in the private client environment.

What options does Genesys Cloud offer to consume client web services privately? The client does not want to expose these web services to the internet.

we have seen something about direct connect....(this is the best way (more secure) to achieve this?
is better to use a Lambda and VPN?

Please, would be nice if you give me some advices arround this.
Thanks in advance.

Jason_Mathison · September 19, 2024, 12:34pm

Here is our documentation around this question:

--Jason

David_Fradejas · September 19, 2024, 2:28pm

Thanks @Jason_Mathison !!!
Is it the only way?

there is some alternatives?

Jason_Mathison · September 19, 2024, 5:50pm

Hey David,

Data actions can reach out to public endpoints, AWS Lambdas, or Google Functions. There has to be a bridge between one of those types of endpoints and your customer's endpoint.

The documentation gives an example of doing this via lambda and the AWS VPN as you can work with AWS to ensure this is a secure approach.

Another option would be something that runs inside of their network and makes their endpoint publicly accessible, like ngrok. That is a popular tool, but not one that I or Genesys can provide any assurances about.

Finally, if the customer implements the various security options documented here

they can be sure that only the data action service can reach their endpoint, and that the request is being made on behalf of their Genesys Cloud organization:

--Jason

system · October 20, 2024, 5:50pm

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.