Aiimi Insight Engine
User GuidesAiimi
  • Introducing Aiimi Insight Engine
  • Architecture
    • Overview and Key Concepts
    • Hosting Options
    • Architecture and How It Works
      • Agent Servers
        • Security Agent
        • Source Agent
        • Content Agent
        • Enrichment Agent
        • Job Agent
        • OCR Agent
        • Migration Agent
        • Tika Agent
      • Repository
        • Data Node
        • Proxy Node
        • Kibana Node
      • Gateway and User Interface
      • Document and Data Sources
    • Deployment Options
    • Security
      • User Security
      • Data and Document Security
      • Source System Security
      • Firewalling
      • Agent Servers
      • Repository
      • Gateway (Web Server)
      • Tools & Utilities
  • Installation
    • Elastic and Kibana Install (Windows)
    • Aiimi Insight Engine Installation (Windows)
      • Installation Security
      • Certificates in a Key Vault
      • SAR Configuration
      • CSOM Bridge Set Up
      • AI Studio
    • AI Services
      • Prerequisites
      • AI Enrichment Service
        • Installation and Setup
        • Enabling Enrichment Steps
        • Using AI Enrichment Steps
        • Performance and Concurrency
      • AI Model Service
        • Installation and Setup
        • Enabling Providers
        • Private Generative AI
        • Azure Open AI
        • Enabling AI History
        • HTML Cleaner Service
      • Configuration of Logging
      • Offline Set-up of Models
      • Using SSL
      • Running as a Service (Windows)
      • Using GPUs
      • AI and Semantic Search Set Up
        • Open & Closed Book AI
        • Semantic Search
          • Vectors for Semantic Search
          • Source Configuration
          • Sentence Transformer Models
          • Enrichment
          • Kibana
          • Final Search Flow
    • Email Threading Upgrade
  • Run Books
    • SharePoint Online Connector
      • Migrating ACS to Azure AD with Sites.Read.All
      • Migrating ACS to Azure AD with Sites.FullControl.All
  • Control Hub
    • Agents
      • Configurations
        • Config Management
        • Security Configurations
          • Security - General
          • Security - Source
            • Active Directory
            • Atlassian
            • Azure Active Directory
            • Builtin Security
            • Miro Security
            • Google Directory
            • SharePoint Security
            • Slack Security
          • Security - Sync
          • Security - Agents
          • Security - Scheduling
        • Source Configurations
          • Source - General
          • Source - Source
            • Alfresco Kafka
            • Azure Blob Storage
            • BBC Monitoring
            • Big Query Cataloguer
            • BIM360
            • CSV Data Loader
            • Confluence
            • Content Server
            • Data File Cataloguer
            • Document Store
            • DocuSign
            • Dropbox
            • Exchange 365
            • Filesystem
            • Google Bucket
            • Google Drive
            • Google Vault
            • Jira
            • JSON Data Loader
            • Livelink
            • Microsoft Teams
            • Mimecast
            • Miro
            • ODBC Data Loader
            • PowerBi Cataloguer
            • Reuters Connect
            • ShareFile
            • SharePoint
              • Azure Portal and Azure AD Authentication
              • Sensitivity Labels
            • SharePoint Legacy
            • SQL Server Cataloguer
            • Slack
            • Versioned Document Store
            • Websites
            • XML Data Loader
          • Source - Crawl
          • Source - Agents
          • Source - Schedule
          • Source - Advanced
        • Enrichment Configurations
          • Creating a Pipeline
            • General
            • Steps
              • AccessMiner
              • AI Classification
              • Apply Sensitivity Label
              • Anonymiser
              • CAD Extractor
              • Checksum
              • Content Retrieval
              • Copy
              • Data Rule Processor
              • Delete
              • Direct Copy
              • Email Extractor
              • Entity Rule Processor
              • External Links
              • Geotag
              • Google NLP Extractor
              • Google Vision Extractor
              • Metrics Calculation
              • Microsoft Vision Extractor
              • OcrRest
              • Office Metadata
              • PCI Extractor
              • REST
              • Set Document Risk
              • Text Cleaner
              • Tika Text Extraction
              • Trie Entity Extractor
              • Update Metadata
            • Filters
            • Agents
            • Schedule
            • Advanced
        • OCR Engine
        • Job Configurations
          • General
          • Job
            • AutomatedSearchJob
            • Command Job
            • ElasticJob
            • Extended Metrics Job
            • File Extractor
            • GoogleVaultSAR
            • Google Drive Last Access Date
            • Nightly Events Processor Job
            • Notifications Processor Job
            • Portal Sync Job
            • Purge Job
            • SAR Archiving
            • Text Content Merge Job
          • Output
          • Agents
          • Scheduling
        • Migration Configuration
          • General
          • Filter
          • Metadata Mappings
          • Agents
          • Scheduling
          • Advanced
      • Stats
        • Data Views
    • Security
      • User Settings
      • Credentials
      • Authentication
      • Application Access
      • Auditing
      • Descriptor Groups
      • Uploads
    • Mappings
      • Entities
        • Manage Entity Groups
        • Create an Entity
        • Manage an Entity
      • Models
        • Create a New Model
        • Find a Model
        • Enable or Disable a Model
      • Vectors
      • Rank Features
    • Search Settings
      • Search Relevancy
        • Core Settings
        • Makers Algorithm
        • Filename Boost Layer
        • Minimum Matching Terms Filter
        • Field Boost
        • Modified Date Boosting
        • Hit Highlighting
        • Why My Search Matched
        • Data Search Strategy
      • Bulk Search
        • Managing a Bulk Search
      • Filtering
      • Search Performance
      • Related Results
      • Featured Links
    • AI Settings
      • Search Flows
        • Search Flow Types
        • General Configuration
        • Query and Prompt Classification
        • Search Steps
        • Smart Filtering
        • Model Steps
        • Result Templates
        • System Prompt
      • Tools
        • Concepts
        • Import OOTB Tools
        • Built In Functions and Tools
        • Create and Edit Tools
      • Classifications
        • Class
        • Class Rules
        • AI Classification
    • User Interface
      • Thumbnails
      • Code of Conduct
      • Visualisations
        • Related Result Connections Diagram
        • Event Timeline
        • Timeline Lens Activity Chart
        • Relationship Map
      • Map Lens
      • Theming
      • User Avatar
    • Global Settings
      • General
      • App Settings
      • Presets
      • Metrics
      • Viewer
      • SAR
        • Importing Data For A SAR
        • SAR Disclosure Document Storage
        • Getting SAR data from Google Vault
        • SAR Configuration Access
        • SAR File Status
      • Disclosure Portal
        • Disclosure Portal Set Up
        • SARs From The Portal
        • Email Delivery Settings
          • Delivery Settings
          • Brand Settings
          • Customise Emails
        • SMS Delivery Settings
        • Requestor Message Limit
        • Attachment Configuration
        • Password Configuration
        • File Scanner Configurator
      • Collections
      • Notifications
      • OData API
  • AI Studio
    • Classifications
      • Classifications
      • Classification Rules
    • Jobs
  • Labels
  • API Guides
    • Insight API Guide
      • Swagger Documentation
      • Trying Some Endpoints
      • Search Filter
      • Hits / Items
      • Inspecting REST Calls
    • Data Science API Guide
      • REST Interface
        • Login
        • Datasets
        • Fields
        • Field Statistics
        • Search
        • Scroll
        • Update
      • Python Library
      • Data Science API Wrapper
        • Login
        • Datasets
        • Fields
        • Field Statistics
        • Search
        • Scroll
        • Scroll Search
        • Update Single Document
        • Bulk Update
      • Search API Wrapper
        • Login
        • Privileged Access
        • Search
        • Collection
        • ChatBot Class
      • Admin API Wrapper
      • AI Model Server API Wrapper
      • Utilities
        • Query Builders
        • Azure Key Vault Wrapper
    • Creating a Native Enrichment Step
      • Creating an Enrichment Step
        • Creating the Core Classes
        • Extending our Enrichment Step
        • Adding a Configuration Template
        • Adding the Enrichment Step
        • Creating an Enrichment Pipeline
      • Other Tasks
        • Entities, Metadata and Data
        • Accessing the Repository
      • Example Code
      • Troubleshooting
    • Creating a Python Enrichment Step
      • Creating an Enrichment Step
        • Running the Example from Command Line
        • Running the Example
      • Creating Your Own Step
      • Adding or Changing Entities, Metadata
  • Whitepapers and Explainers
    • From a Billion To One – Mastering Relevancy
    • Methods for Text Summarization
      • Application
      • Technology Methods
      • Commercial Tools
      • Key Research Centres
      • Productionisation
      • Related Areas of Text Analytics
      • Conclusion
      • References
Powered by GitBook
On this page
  1. Architecture
  2. Security

Agent Servers

PreviousFirewallingNextRepository
CtrlK

Each Aiimi Insight Engine agent runs as a Windows or Linux service. They listen and communicate with gateways using ports. They also locally write logs and can generate local temporary data.

Specific communications:

  • Source Agent - Content Agent

  • Enrichment Agent - Content Agent

  • Migration Agent - Content Agent

  • Migration - Source Agent

  • Enrichment Agent - OCR Agent

  • Enrichment Agent - Tika Agent

  • Job Agent - All agents or Job dependent

Security Agent

Elasticsearch Connection

The security agent requires network access to the Elasticsearch cluster as outlined in the firewalling guide. Default port: 9200

Read more about Aiimi Insight Engine Firewalling.

Azure Directory Connection

The security agent requires network access to the Active Directory you are synching users and groups from. Default port: 2222

If you use other security repositories such as Azure AD or OpenText Content Server, these ports need to be accessible to the security agent.

Security Specifics

By default, the windows service will run as the local system account. You should not need to change this. The account needs:

  • Read access to the installation folder for Aiimi Insight Engine.

  • Write access to the logs folder.

  • Read access to the security certificates used to secure communications with Elasticsearch.

Source Agent

Elasticsearch Connection

The source agent requires network access to the Elasticsearch cluster as outlined in the firewalling guide. Default port: 9200

Read more about Aiimi Insight Engine Firewalling.

Source System Connection

The source agent requires network access to all source systems. Default port: 2221

Security specifics

By default, the windows service will run as the local system account. You should not need to change this. The account needs:

  • Read access to the installation folder for Aiimi Insight Engine.

  • Write access to the logs folder.

  • Read access to the security certificates used to secure communications with Elasticsearch.

Content Agent

Elasticsearch Connection

The content agent requires network access to the Elasticsearch cluster as outlined in the firewalling guide. Default port: 9200

Read more about Aiimi Insight Engine Firewalling.

Content Agent Connection

Default port: 2225

Security specifics

By default, the windows service will run as the local system account. You should not need to change this. The account needs:

  • Read access to the installation folder for Aiimi Insight Engine.

  • Write access to the logs folder.

  • Read access to the security certificates used to secure communications with Elasticsearch.

  • Write access to the folder used to cache the thumbnails (configured in the control hub).

Enrichment Agent

Elasticsearch Connection

The enrichment agent requires network access to the Elasticsearch cluster as outlined in the firewalling guide. Default port: 9200

Read more about Aiimi Insight Engine Firewalling.

Tika Agent Connection

The enrichment agent needs network access to the Tika Agent. Default port: 9998 This service usually runs on the same server as the enrichment agent.

Enrichment Agent Port

Default port: 2223

Security specifics

By default, the windows service will run as the local system account. You should not need to change this. The account needs:

  • Read access to the installation folder for Aiimi Insight Engine.

  • Write access to the logs folder.

  • Read access to the security certificates used to secure communications with Elasticsearch.

Job Agent

Elasticsearch Connection

The job agent requires network access to the Elasticsearch cluster as outlined in the firewalling guide. Default port: 9200

Read more about Aiimi Insight Engine Firewalling.

Job Agent Port

Default port: 2220

Security specifics

By default, the windows service will run as the local system account. You should not need to change this. The account needs:

  • Read access to the installation folder for Aiimi Insight Engine.

  • Write access to the logs folder.

  • Read access to the security certificates used to secure communications with Elasticsearch.

OCR Agent

Elasticsearch Connection

The OCR agent requires network access to the Elasticsearch cluster as outlined in the firewalling guide. Default port: 9200

Read more about Aiimi Insight Engine Firewalling.

OCR Agent Port

Default port: 2224

Security specifics

By default, the windows service will run as the local system account. You should not need to change this. The account needs:

  • Read access to the installation folder for Aiimi Insight Engine.

  • Write access to the logs folder.

  • Read access to the security certificates used to secure communications with Elasticsearch.

Migration Agent

Elasticsearch Connection

The migration agent requires network access to the Elasticsearch cluster as outlined in the firewalling guide. Default port: 9200

Read more about Aiimi Insight Engine Firewalling.

Migration Agent Port

Default port: 2226

Security specifics

By default, the windows service will run as the local system account. You should not need to change this. The account needs:

  • Read access to the installation folder for Aiimi Insight Engine.

  • Write access to the logs folder.

  • Read access to the security certificates used to secure communications with Elasticsearch.

Tika Agent

The Tika agent requires no outbound network access to other services, it services inbound requests only.

Tika Agent Port

Default port: 9998

Security specifics

By default, the windows service will run as the local system account. You should not need to change this. The account needs:

  • Read access to the installation folder for Aiimi Insight Engine.