Menu
Region
Ready to get started? Contact us.

Private-network connectivity

Connect private systems without exposing them directly to the internet.

UNIFYConnect Agent provides controlled outbound connectivity between customer-hosted systems and UNIFYConnect workflows where target systems remain inside private networks.

How it works Ask about deployment
Outbound relay-based connectivity from customer-controlled environments
Private reach internal directories, HR systems, and application targets
Controlled deployment aligned to customer governance and network requirements
UNIFYConnect Home UNIFYConnect automates identity lifecycle management between authoritative sources, Microsoft Entra ID, Active Directory, applications, and downstream …

Explore UNIFYConnect

Architecture How UNIFYConnect provides an identity integration and control layer for hybrid environments moving toward Microsoft Entra. Features Explore the key UNIFYConnect features for identity integration, lifecycle automation, Microsoft Entra provisioning, and managed operations. Works with See the HR and enterprise platforms UNIFYConnect integrates with to automate identity provisioning, access lifecycle controls, and compliance … Enhancing Entra ID How UNIFYConnect extends Microsoft Entra ID integration, provisioning, and governance capabilities across hybrid identity environments. Agent Learn how UNIFYConnect Agent provides secure private-network connectivity between customer-hosted systems and UNIFYConnect-managed identity workflows. FAQs UNIFYConnect FAQs answer common questions on deployment, integration, security, support, and operations for identity lifecycle automation.
Why it matters

Many identity workflows still need to reach private-network systems.

UNIFYConnect Cloud can manage identity workflows, but some targets remain inside customer networks, including Active Directory, HR systems, and internal applications.
UNIFYConnect Agent, formerly referred to publicly as UNIFY Port Bridge, provides a controlled connectivity pattern for those private targets.
Secure outbound connectivity
Support private-network targets without opening inbound access directly to internal systems.
Hybrid identity reach
Connect cloud-managed workflows to on-premises identity environments and internal applications.
Operational deployment
Run as a Windows service or console application depending on deployment and testing requirements.
Mapped target access
Expose only the required relay, host, and host-port mappings for the agreed internal service.
Connection workflow

The agent brokers controlled access to approved internal targets.

UNIFY works with each customer to define the required relay name, host, and host-port mappings for the internal service being exposed to the UNIFYConnect workflow.
Install
Deploy UNIFYConnect Agent on an approved internal Windows host.
Configure
Set the required relay, host, and port mappings for the private-network target.
Operate
Run the agent as a managed service or controlled console process using deployment-specific credentials and settings.
Technical flow

The agent keeps the network path outbound while UNIFYConnect orchestrates the workflow.

At a high level, UNIFYConnect sends approved workflow requests through a secure relay. The customer-hosted agent maintains the outbound encrypted session and then connects only to the configured internal targets.
flowchart LR UC["UNIFYConnect workflow"] Relay["Secure relay"] Agent["UNIFYConnect Agent\ncustomer-hosted Windows service"] subgraph Customer["Customer private network"] AD["Active Directory"] HR["HR system"] APP["Internal application"] end UC -->|"approved workflow request"| Relay Agent -->|"outbound encrypted connection"| Relay Relay -. "uses established outbound session" .-> Agent Agent -->|"LDAPS / HTTPS / vendor API"| AD Agent -->|"HTTPS / vendor API"| HR Agent -->|"HTTPS / LDAP / application protocol"| APP
UNIFYConnect Agent deployment pattern for private-network identity targets.

Specific relay names, internal hosts, ports, protocols, credentials, and runtime settings are defined per customer deployment.

Security posture

The connectivity model is scoped to the deployment requirement.

The agent is configured for customer-specific access control and runtime settings. Connectivity is encrypted and aligned to the governance and network expectations agreed for the environment.
Customer-specific configuration Use deployment-specific credentials, relay names, host mappings, and runtime settings.
Encrypted relay pattern Support secure connectivity between UNIFYConnect workflows and internal targets.
Governed deployment Align installation and operation to customer security, network, and change requirements.
Talk to us

Need UNIFYConnect to reach private-network targets?

Tell UNIFY which internal directories, HR systems, or applications need to be connected to your identity workflow.
Looks good!
Please enter your name.
Looks good!
Please enter your company.
Looks good!
Please enter your e-mail address so we can contact you.
This form uses Google ReCaptcha to ensure interactions with our site are from legitimate users. Please accept the use of recommended storage before submitting the form. Find out more at the Privacy Center.

By clicking the "Send" button, I consent to the collection, use and/or disclosure of my data in this form by UNIFY Solutions to contact me for the purpose of fulfilling my request. I understand and agree that should I wish to stop receiving such materials, I can request to cease communications by replying to the email and requesting to opt-out.

This site is protected by reCAPTCHA.

Your message could not be sent. Try again later.