Prerequisites for the BeyondTrust Remote Support Integration with Salesforce

 

You must purchase this integration separately for both your Remote Support software and your Salesforce solution. For more information, contact BeyondTrust sales.

Outlined below are requirements for the BeyondTrust integration with Salesforce.com. If any of the integration requirements are not yet met, they must be in place prior to starting the integration setup process unless the associated features of the integration are not required.

Base Integration Requirements

  1. A working Salesforce instance
  2. BeyondTrustBeyondTrust Appliance B Series (physical or virtual) with:
    • Version 17.x or later
    • At least one usable representative console which can generate session keys
    • A working BeyondTrustRemote Support public site through which users can connect to representatives
  3. Installed BeyondTrust Middleware
  4. Network firewall rules to allow:
    • CP 443 traffic from the BeyondTrust Appliance B Series to reach the Integration Middleware
    • TCP 443 traffic from the Integration Middleware to reach the appropriate Salesforce instance
    • TCP 443 traffic from the appropriate Salesforce instance to reach the BeyondTrust Appliance B Series

 

The Salesforce Integration Plugin must also be installed and configured once this installation guide has been completed. The integration will not work without the plugin. The plugin installation is outlined in a separate document.

Firewall Test

It is important to test all requirements of the integration prior to beginning setup. Most of these can be tested by the BeyondTrust and Salesforce.com administrators within their respective systems, but to test the network firewall, the BeyondTrust admin should take the following steps to confirm that the necessary rules are in place:

  1. Log in to a machine either external to the B Series Appliance's network or in the same VPN as the Integration Middleware instance, depending on how Salesforce connects to the B Series Appliance's network.
  2. Log in to the B Series Appliance's /appliance interface.
  3. Browse to Support > Utilities :: TCP Connection Test.
  4. Enter the hostname of the Integration Middleware instance, enter the port number of 443, and click Test. The result should be a Connected status message.

Do not enter the protocol of the Integration Middleware instance (e.g., https://). Instead, use the fully qualified domain name only (e.g., middleware-hostname.example.com). In most environments, the B Series Appliance resides in a DMZ network and has a public DNS address, which Salesforce contacts over the public internet. In some environments, BeyondTrust is not publicly accessible. In these cases, you should Salesforce about implementing a VPN connection to your internal network for Salesforce.