UNIFY Port Bridge
UNIFY Port Bridge is a point-to-point tunneling utility that enables secure, firewall-friendly communication between your on-premises network and UNIFY’s cloud services. It allows TCP listener ports and named pipes to be mapped from your internal network to Microsoft Entra ID, Active Directory, or other integrated services.
Unlike traditional SSH tunneling, UNIFY Port Bridge transmits traffic via a relay over a secure Service Bus, ensuring:
- No firewall modifications required.
- Service Bus authentication integration.
- All communication is routed over WebSocket for security.
Key Benefits
- Secure, encrypted connectivity over TLS 1.3.
- No firewall rule changes required.
- Multiplexed concurrent socket connections for high efficiency.
- Runs as a Windows service or console application.
- Ideal for tunneling to Active Directory, HR systems, and internal applications.
How It Works
UNIFY Port Bridge consists of two components:
- Port Bridge Agent: Listens for TCP or Named Pipe connections and transmits them to the Service Bus relay.
- Port Bridge Service: Connects to the relay and forwards traffic securely to the required internal service.
Connection Workflow
How Do I Use It?
UNIFY will work with you to configure your specific connection requirements. You will need to:
- Install UNIFY Port Bridge Service on an internal machine.
- Define port mappings for Active Directory or HR systems.
- Use the provided Service Bus credentials to establish secure tunneling.
The service is provided as a single executable file, installed as a Windows Service.
Port Bridge Service Configuration
The server configuration file (server.config.json) defines your Service Bus settings and allowed port mappings:
{
"PortBridge": {
"ServiceBusNamespace": "yournamespace.servicebus.windows.net",
"ServiceBusAccessRuleName": "AccessKeyName",
"ServiceBusAccessRuleKey": "AccessKeyValue",
"HostMappings": [
{
"targetHost": "yourserver",
"allowedPorts": "3389, 443",
"tcpHost": "127.0.0.1"
}
]
}
}
Port Bridge Agent Configuration
On the Agent side, define which ports or pipes to project into your machine:
<portBridgeAgent serviceBusNamespace="yournamespace.servicebus.windows.net"
serviceBusAccessRuleName="AccessKeyName"
serviceBusAccessRuleKey="AccessKeyValue">
<portMappings>
<port localTcpPort="13389" targetHost="yourserver" remoteTcpPort="3389">
<firewallRules>
<rule source="127.0.0.1" />
<rule sourceRangeBegin="10.0.0.0" sourceRangeEnd="10.255.255.255" />
</firewallRules>
</port>
</portMappings>
</portBridgeAgent>
Installing as a Windows Service
The Port Bridge Service (Unify.PortBridge.Server.exe) can be installed as a Windows Service for automated startup and stability.
Installation Commands
Run the following as administrator to install the service:
Command Line
sc create PortBridgeService BinPath=C:\Path\To\Unify.PortBridge.Server.exe displayname=Unify.PortBridge
PowerShell
New-Service -Name "PortBridgeService" -BinaryPathName "C:\Path\To\Unify.PortBridge.Server.exe" -DisplayName "Unify.PortBridge"
Once installed, restart the service using:
Restart-Service PortBridgeService
Security & Compliance
- TLS 1.3 encryption secures all transmitted data.
- No firewall rule modifications required.
- ISO 27001-certified security standards applied.
- Access control using Service Bus authorization.
More Questions?
Let us know—we’re happy to help!