Prerequisites for the BeyondTrust Remote Support Integration with Salesforce

 

You must purchase this integration separately for both your Remote Support software and your Salesforce solution. For more information, contact BeyondTrust's Sales team.

The requirements to integrate BeyondTrust with Salesforce.com are outlined below. Unless the associated features of an integration component are not used, all of these requirements must be in place prior to starting the integration setup.

Base Integration Requirements

  1. A working Salesforce instance
  2. BeyondTrust BeyondTrust Appliance B Series (physical or virtual) with:
    • Version 17.x or later
    • At least one usable representative console that can generate session keys
    • A working BeyondTrustRemote Support public site through which users can connect to representatives
  3. Installed BeyondTrust Middleware
  4. Network firewall rules to allow:
    • CP 443 traffic from the BeyondTrust Appliance B Series to reach the Integration Middleware
    • TCP 443 traffic from the Integration Middleware to reach the appropriate Salesforce instance
    • TCP 443 traffic from the appropriate Salesforce instance to reach the BeyondTrust Appliance B Series

 

The Salesforce Integration Plugin must also be installed and configured once this installation guide has been completed. The integration does not work without the plugin. The plugin installation is outlined in a separate document.

Firewall Test

It is important to test all requirements of the integration prior to beginning setup. Most of these can be tested by the BeyondTrust and Salesforce.com administrators within their respective systems, but to test the network firewall, the BeyondTrust admin should take the following steps to confirm that the necessary rules are in place:

  1. Log in to a machine either external to the B Series Appliance's network or in the same VPN as the Integration Middleware instance, depending on how Salesforce connects to the B Series Appliance's network.
  2. Log in to the B Series Appliance's /appliance interface.
  3. Browse to Support > Utilities :: TCP Connection Test.
  4. Enter the hostname of the Integration Middleware instance, enter the port number of 443, and click Test. The result should be a Connected status message.

Do not enter the protocol of the Integration Middleware instance (e.g., https://). Instead, use the fully qualified domain name only (e.g., middleware-hostname.example.com). In most environments, the B Series Appliance resides in a DMZ network and has a public DNS address, which Salesforce contacts over the public internet. In some environments, BeyondTrust is not publicly accessible. In these cases, you should Salesforce about implementing a VPN connection to your internal network for Salesforce.