The strongDM network consists of a client on the user’s workstation, a gateway that the client communicates with, and optionally a relay between the gateway and the database/server the user needs access to.
When the client is installed, it listens on dedicated localhost ports for each remote database or server. Requests sent to this port are encrypted by the client and conveyed to the gateway. At the gateway, the requests are decrypted, logged, and conveyed to the database or server using its native protocol. If the gateway cannot communicate directly with the target database or server, a relay can be put in place for the last hop. This relay initiates an outbound connection to the gateway, creating a reverse tunnel that permits ingress into secured networks where inbound traffic is not allowed.