Layer7 API Management

The Process Controller is a daemon responsible for starting and maintaining the run status of the Gateway. It runs as user layer7, which has elevated privileges. When the ssg rc script runs on an appliance (see /etc/init.d/ssg) it actually starts the Process Controller (see /opt/SecureSpan/Controller/bin/processcontroller.sh), which in turn checks for a configured Gateway and, if found, starts it. You see two processes related to it because it is initially the root owned process that makes the call using su to run it as layer7. Once the Gateway is running, the Process Controller confirms that it is running every minute and, if not, it will kill any Gateway processes and restart the Gateway. It also listens at port 8765 for Enterprise Service Manager and Gateway requests to "do things" as the elevated user layer7, such as managing the firewall ports, etc.

The karaf process is for the Foundation Services, which are accessed from the ssgconfig menu under 1) Configure system settings -> 5) Use Restricted Shell. It is a mechanism for managing OS level configurations without accessing root. There are two karaf related processes for the same reason as there are two Process Controler process - the first is the root call that uses su to switch it to fndsrv. To be honest, the Foundation Services have never seen a lot of use that I am aware.

SSPC stands for SecureSpan Process Controller. SecureSpan was the original branding of the Layer 7 product, hence SSG stands for SecureSpan Gateway.

Killing the Process Controller will also kill the Gateway. I don't recommend doing that, nor do I see any reason to do so. As for the karaf processes, I don't see a reason to kill them ether, but I am not aware of any negative effect if one does. That is not to say it will not have a negative effect, only that I am not aware of any, so it is probably best to leave it alone, too.

+
1 Java process (gateway) belong to /opt/SecureSpan/Gateway/runtime/Gateway.jar pc run is the main process (there will be an impact when killed)

The Process Controller is a daemon responsible for starting and maintaining the run status of the Gateway. It runs as user layer7, which has elevated privileges. When the ssg rc script runs on an appliance (see /etc/init.d/ssg) it actually starts the Process Controller (see /opt/SecureSpan/Controller/bin/processcontroller.sh), which in turn checks for a configured Gateway and, if found, starts it. You see two processes related to it because it is initially the root owned process that makes the call using su to run it as layer7. Once the Gateway is running, the Process Controller confirms that it is running every minute and, if not, it will kill any Gateway processes and restart the Gateway. It also listens at port 8765 for Enterprise Service Manager and Gateway requests to "do things" as the elevated user layer7, such as managing the firewall ports, etc.

The karaf process is for the Foundation Services, which are accessed from the ssgconfig menu under 1) Configure system settings -> 5) Use Restricted Shell. It is a mechanism for managing OS level configurations without accessing root. There are two karaf related processes for the same reason as there are two Process Controler process - the first is the root call that uses su to switch it to fndsrv. To be honest, the Foundation Services have never seen a lot of use that I am aware.

SSPC stands for SecureSpan Process Controller. SecureSpan was the original branding of the Layer 7 product, hence SSG stands for SecureSpan Gateway.

Killing the Process Controller will also kill the Gateway. I don't recommend doing that, nor do I see any reason to do so. As for the karaf processes, I don't see a reason to kill them ether, but I am not aware of any negative effect if one does. That is not to say it will not have a negative effect, only that I am not aware of any, so it is probably best to leave it alone, too.

The Process Controller is a daemon responsible for starting and maintaining the run status of the Gateway. It runs as user layer7, which has elevated privileges. When the ssg rc script runs on an appliance (see /etc/init.d/ssg) it actually starts the Process Controller (see /opt/SecureSpan/Controller/bin/processcontroller.sh), which in turn checks for a configured Gateway and, if found, starts it. You see two processes related to it because it is initially the root owned process that makes the call using su to run it as layer7. Once the Gateway is running, the Process Controller confirms that it is running every minute and, if not, it will kill any Gateway processes and restart the Gateway. It also listens at port 8765 for Enterprise Service Manager and Gateway requests to "do things" as the elevated user layer7, such as managing the firewall ports, etc.

The karaf process is for the Foundation Services, which are accessed from the ssgconfig menu under 1) Configure system settings -> 5) Use Restricted Shell. It is a mechanism for managing OS level configurations without accessing root. There are two karaf related processes for the same reason as there are two Process Controler process - the first is the root call that uses su to switch it to fndsrv. To be honest, the Foundation Services have never seen a lot of use that I am aware.

SSPC stands for SecureSpan Process Controller. SecureSpan was the original branding of the Layer 7 product, hence SSG stands for SecureSpan Gateway.

Killing the Process Controller will also kill the Gateway. I don't recommend doing that, nor do I see any reason to do so. As for the karaf processes, I don't see a reason to kill them ether, but I am not aware of any negative effect if one does. That is not to say it will not have a negative effect, only that I am not aware of any, so it is probably best to leave it alone, too.

The Process Controller is a daemon responsible for starting and maintaining the run status of the Gateway. It runs as user layer7, which has elevated privileges. When the ssg rc script runs on an appliance (see /etc/init.d/ssg) it actually starts the Process Controller (see /opt/SecureSpan/Controller/bin/processcontroller.sh), which in turn checks for a configured Gateway and, if found, starts it. You see two processes related to it because it is initially the root owned process that makes the call using su to run it as layer7. Once the Gateway is running, the Process Controller confirms that it is running every minute and, if not, it will kill any Gateway processes and restart the Gateway. It also listens at port 8765 for Enterprise Service Manager and Gateway requests to "do things" as the elevated user layer7, such as managing the firewall ports, etc.

The karaf process is for the Foundation Services, which are accessed from the ssgconfig menu under 1) Configure system settings -> 5) Use Restricted Shell. It is a mechanism for managing OS level configurations without accessing root. There are two karaf related processes for the same reason as there are two Process Controler process - the first is the root call that uses su to switch it to fndsrv. To be honest, the Foundation Services have never seen a lot of use that I am aware.

SSPC stands for SecureSpan Process Controller. SecureSpan was the original branding of the Layer 7 product, hence SSG stands for SecureSpan Gateway.

Killing the Process Controller will also kill the Gateway. I don't recommend doing that, nor do I see any reason to do so. As for the karaf processes, I don't see a reason to kill them ether, but I am not aware of any negative effect if one does. That is not to say it will not have a negative effect, only that I am not aware of any, so it is probably best to leave it alone, too.