2 Replies Latest reply on Mar 26, 2018 7:37 PM by Dave Reeck Branched to a new discussion.

    Putting a Load Balancer in front of Tableau Bridge

    Matt Herrett

      Hi all

       

      I'm just investigating how to implement Tableau Bridge securely into our environment.

       

      We run a Windows domain with a security policy that doesn't allow for direct incoming connections to servers within the domain. We instead either host our webservers between two firewalls (one external and one internal) in a DMZ, or use a DMZ homed Citrix Netscaler to forward traffic onto webservers that run on the Windows domain.

       

      Looking through the Tableau bridge documentation, it looks like it needs to run on the same Windows domain as the data source databases, which in our case are SQL hosted inside our corporate Windows domain. So, putting the Tableau Bridge machine in the DMZ is not an option.

       

      I'm not sure if we can utilise the Netscaler and put it in front of the machine running Tableau Bridge with a port open for 443. has anyone had any success with this? I've drawn it up and attached it to show you what I mean. Any help gratefully received.

       

      Cheers

      Matt

      Tableau Bridge using Netscaler.jpg

        • 1. Re: Putting a Load Balancer in front of Tableau Bridge

          Hi Matt Herrett,

           

          Welcome to the Tableau forums!

           

          If you are looking for guidance regarding the implementation of Bridge, I got you cover:

           

          Microsoft SQL Server or MySQL will run fine, no worries.

           

          Regarding Netscape, I had no experience with this and I haven't found any interesting information about the latter, so I'll leave it for the community.

           

          Let me know if you need further support.

           

          ----------

          Lénaïc RIÉDINGER, Global Community Engineer Tableau

          Tableau Community Forums | Knowledge Base

          If you see a Helpful or Correct response, please mark it thanks to the buttons below the targeted post!

          2 of 2 people found this helpful
          • 2. Re: Putting a Load Balancer in front of Tableau Bridge
            Dave Reeck

            Hey @

            Putting a Load Balancer in front of Tableau Bridge

            This question is Not Answered.

            Matt HerrettVizitor

             

            Briefly: I think what you're proposing would work, but may not be necessary.

             

            Bridge does not require any direct, incoming connections from Online to function (it initiates all communication on an out-bound from client basis). Does the no direct incoming connections to server within the domain policy apply to the database servers themselves? I'm not clear how you'd use Windows Authentication in this case, but maybe I'm mis-understanding (wouldn't be the first time :-) ). If the policy is regarding opening inbound ports for Bridge then you should be fine without using load balancer. Bridge will open outbound connections directly to Online.

             

            Assuming I've mis-understood - I think your load balancer scheme should work, and I'd encourage you to try it out. It should work fine for extract refreshes (that's just plain old SSL), and for live connections we use Web Sockets which should flow just fine as long as Bridge can successfully reach Online across your firewalls & LB.

             

            I hope that helps, let me know!

             

            Dave Reeck

            Sr. Product Manager

            Tableau