5.11 CellTrust SecureLine

There are two generations of CellTrust Generation 1 uses the module and Generation 2 which uses the REST API.

5.11.1 Generation 1

The CellTrust SecureLine module allows the collection of data from the CellTrust SecureLine server into the Retain system. CellTrust SecureLine supports the archival of SMS from both Android and iOS phones. All devices which are supported by the SecureLine server are covered by Retain.

To archive CellTrust SecureLine information, the SecureLine server must be configured to log SMS data. The server log files are what Retain uses to collect the information about SMS activity. If the SecureLine server has not been configured to log the data, Retain will be unable to archive the information. See below for SecureLine server configuration.

Configuring the CellTrust SecureLine Module is incredibly simple. Essentially, the module needs to be enabled and configured with the log file location. Afterwards, the data is treated the same as any other data entering the Retain archive. Data is archived in the database under the user/phone it originated from and can be searched and viewed through the Search Messages interface.

To enable the CellTrust module, select the ‘Configure’ link under the ‘CellTrust’ icon from the module page.

Core Settings

The module needs to be enabled on this page to make it active in the Retain system.

The module can be given a name.

The Send Method option enables either the SMTP Forwarding or FTP features. For either feature to appear and function, the Module Forwarding tab must be configured on the Server Configuration page. See that section for more information.

5.11.2 SecureLine Servers

The log file path for each server in the system is required to archive the SMS data. To add a server to the Retain process, select the Green Plus Sign(+). Give the server a name (any name will do), and provide the log file path.

The log files must be directly accessible to the worker tasked with archiving the CellTrust SecureLine data, whether through direct access or through a mapped drive. The logfile path is the direct file access path to the log files of the CellTrust SecureLine server, (/opt/PM/scheduler/external by default), and should be specified as the worker will access the log files.

5.11.3 Archiving/Data Collection – About Workers, Profiles, Schedules, and Jobs

Getting data into the archive is the core functions of Retain. As such, sub-functions have been broken out to give you as much flexibility as possible in deciding your archive policy.

Your archiving policy will cover several points:

What to archive (jobs)
Includes what message server(s) to collect data from.
What worker
When will the data be collected (schedule)
How to collect the data will cover (profile)
Types of items or users to archive.
Date range of items to be archived.
Avoiding redundant data collection.
Utilizing storage flags to achieve 100% retention.
Whether to store attachments.
Advanced criteria, such as attachment names, or folder locations.

5.11.4 Retain Job components

Schedule

The Schedule is the time framework that is set for the job to run on and provides the choice of how often, and when, the job is run. Single time, (job runs once), or a recurring time frame are available. Schedules are universal and are not module or job specific. They may be used for one or all jobs.

Profile

The Profile dictates which kinds of files to retrieve from the message system. All message system items are selectable to be archived, but you may also specify time periods, exclude folders or subjects, and how the data is stored. Profiles are module specific, and the profile section contains sections specified by each module and information only applicable to that module.

The Profile also has a very important function, duplicate checking. This keeps the Retain system from storing multiple instances of the same message. Make sure you check and read the section on Purge (GroupWise), Retention (GroupWise), and Item Store (Exchange/GroupWise) flags.

Worker

The worker is the part of Retain that actually pulls the data from the message system servers. The Worker contacts the Retain Server and gathers information on which jobs are associated with it, when to start them, and which items to get. Workers can only run one job at a time. Workers are not module specific, but may require module specific settings. These settings, where applicable, are found under the module specific tab.

Jobs

The Jobs section is where the Worker, Profile, and Schedule are all brought together and associated into a comprehensive configuration by allowing the user to tie their configuration to a selected SecureLine server and selected user list. The desired SeucureLine server must be selected. The Worker will not start archiving anything until a created job is bound to a Worker, Schedule, and Profile.

5.11.5 Secureline Server Configuration

Retain requires the CellTrust SecureLine server to create log files for the worker to access, digest, and send to the Retain Server for storage. To configure the SecureLine server to create these files requires the scheduled run of a Gwava Report script, a tool provided by CellTrust.

The script may be scheduled through the quartz scheduler.

To configure the quartz scheduler to run the GwavaReport script, navigate to the /opt/PM/bin directory and run the start_sched_client.sh script, then follow the desired prompts.

For example:

[root@dev04120lv bin]# ./start_sched_client.sh
Hi, welcome to PrimeMessage Scheduler configuration utility
You will be prompted to enter different values. Every time you finish to enter something - just hit "Enter". You can quit any time - just enter single 'q' character in the beginning of the line.
GOOOOD LUCK!
Select operation ( 1 - add job; 2 - remove job; 3 - pause job; 4 - resume job; 5 - current jobs):
1
Enter job name:
GwavaReport
Enter job class name ( omit ".class" part ):
GwavaReportJob
Please select Trigger type( 1 - Simple, 2 - Cron):

At this point, select whether you want to use a Cron configuration for the triggers or a simple type – this is an example using the simple type:

Please select Trigger type( 1 - Simple, 2 - Cron):
1
Enter delay ( in seconds ) before first execution:
30
Enter number of executions ( 0 for indefinite ):
2
Enter interval between executions ( in seconds ):
30
Enter job additional params ( String or int only)
When finished, enter empty line for attribute name
Enter attribute name:

The GwavaReport has no quartz attributes, so hit enter, then ctrl-c to exit the script.

Schedule the report to run as often as desired according to traffic and desired archival.

Once the report tool has run, it will place the necessary log file in the /opt/PM/scheduler/external directory. The files here are required by the Retain Worker. The Retain Worker required direct file access to these files. Whether by export or by local access, configure the CellTrust SecureLine module with the location of these files, the file location must be from the worker’s point of view.

5.11.6 CellTrust Generation 2

CellTrust generation 2 uses the REST Collector model.

5.11.7 Configure Retain Server Connection

Under Server Configuration/Communications you must setup the Retain Server Connection. This is the hostname or the public IP Address of the Retain server the host will be entered into the CellTrust system to connect to Retain. The port will be 48080 for HTTP or 443 for HTTPS protocols.

5.11.8 Install REST Licenses

Beyond Installing the module license PEM file to the Retain Server under the License page, you must install the REST license files. These will be downloaded as a ZIP file, there is no need to unzip this file.

Go to Server Configuration/REST API.

Scroll down to Submit License, Browse to the ZIP file and press Submit License.

The license will be uploaded to the Retain server and appear in the list under Application Settings. The Application will reflect what system Retain will connect to via REST.

5.11.9 Create REST Collector

Create a REST Collector by providing:

Collector Name

The Key and Secret will be used on the CellTrust side of the system for authentication.

Then press "Add collector" to enable the collector.

You may delete the collector.

Export the collector allows you to import the Key and Secret into the CellTrust system.

5.11.10 Configure the Module

To configure the CellTrust module, all that is required is to enable the Jobs in the module and Save Changes.

The “Enable Jobs” box must be checked to have data archiving functionality.

The Send Method option enables either the SMTP Forwarding or FTP features. For either feature to appear and function, the Module Forwarding tab must be configured on the Server Configuration page.

Save changes and the module is configured. You may need to disable and re-enable "Enable Job" before it will allow you to Save Changes.

There is no need to configure the SecureLine Servers.

Configure CellTrust

The REST connection to the collector needs to configured by the Admin on the CellTrust system side.

Provide the Retain Server URL, Tenant ID, Key and Secret.

Once the connection is made data will begin to flow into Retain from CellTrust and will appear in the user's Retain mailbox.

There are no Profiles or Jobs associated with this Module.