Home
Deployment guide
Learn how to install and connect your Security Center SaaS application.
Federation through reverse tunneling
Deploying Security Center Federation using reverse tunneling
To deploy Security Center Federation™ using reverse tunneling, you must first create a reverse tunnel on the Federation host for each remote site. After creating the reverse tunnel, open it from the remote site before you federate it.

Deployment guide
Learn how to install and connect your Security Center SaaS application.
- Getting started
- Requirements
- User management
- Device management
- Federation through reverse tunneling
  - What is reverse tunneling
    Reverse tunneling is a method of securing communication between clients and servers that are behind a firewall. This technique enhances security and simplifies firewall management. When using a reverse tunnel, the server initiates a connection to the client. This tunnel connection is secured by a previously shared keyfile that contains an identity certificate. When established, the reverse tunnel allows bidirectional communication without opening inbound firewall ports.
  - Deploying Security Center Federation using reverse tunneling
    To deploy Security Center Federation™ using reverse tunneling, you must first create a reverse tunnel on the Federation host for each remote site. After creating the reverse tunnel, open it from the remote site before you federate it.
  - Creating reverse tunnels on the Federation host
    To open a reverse tunnel between a remote site and the Federation™ host, you must first create a reverse tunnel for the remote site on the Federation host.
  - Opening reverse tunnels between remote sites and the Federation host
    To establish a reverse tunnel connection between a remote site and the Federation™ host, you must open the tunnel from the remote site.
  - Connecting the Federation host to remote sites through reverse tunnels
    To connect the Security Center SaaS Federation™ host to a remote site using reverse tunneling, you must follow a specific pattern for the Directory name while configuring the Security Center Federation™ role.
  - Resetting reverse tunnels
    If the identity certificate of the Federation™ host or remote site is modified while the reverse tunnel is disconnected, you must reset the tunnel by generating and applying a new keyfile.
User guide
Learn about Security Center SaaS.
Genetec ClearID User Guide
Learn how to set up and use ClearID in Security Center SaaS.
Additional resources
Review the supported device list and other resources.
Glossary

Deploying Security Center Federation using reverse tunneling

2024-04-10

To deploy Security Center Federation™ using reverse tunneling, you must first create a reverse tunnel on the Federation host for each remote site. After creating the reverse tunnel, open it from the remote site before you federate it.

Before you begin

Prepare the following:

Names of remote sites to federate and the version of Security Center they are running.
Credentials to sign in to the remote systems as the following Security Center users:
- The Federation user
- An administrator
An external storage device to save the tunnel keyfiles created for the remote systems.
The system that hosts the Reverse Tunnel Server role must be reachable from remote sites that can use DNS to resolve the server hostname.

What you should know

If possible, use a workstation that can access the Federation host and remote sites.

Procedure