Flosum Cloud Apps Architecture

Overview

The diagram below illustrates the architecture of Flosum Cloud Applications, including Backup & Archive, which applies to both Customer and Flosum Hosted installations. The main distinction between the two is ownership of the Cloud VM (Cloud Virtual Machine).

In a Customer-Hosted setup, the customer owns the cloud instance where DevOps and Backup & Archive are installed and manages the infrastructure. In a Flosum-hosted setup, DevOps and Backup & Archive are installed on Flosum's AWS instance.

Each component shown in the above diagram is explained below.

Cloud Virtual Machine: A virtual machine is required to install the Backup & Archive application. The virtual machine must meet the recommended system requirements to ensure optimal performance. It should support the following requirements.

Domain Registration: A domain registration is required to host the Backup & Archive application. This domain must be registered before installing the Backup & Archive application.

SSL Certificate: A Secure Socket Layer (SSL) certificate is required to secure the communication between the Backup & Archive application and your Salesforce organization. Customers can choose between a free and a paid SSL certificate.

Identity Providers: Configure identity providers to manage access control for the Backup & Archive application. Customers have the following options to choose from:

• Username and password authentication

• OAuth 2.0

• Single-Sign on (SSO)

• Global Settings: Flosum uses its own User Management application, which provides controls for access to the Backup & Archive application.

Nginx: Nginx serves as a proxy for requests to the Backup & Archive Docker container. It also enables the use of certificates to support HTTPS. Nginx proxies requests to the Backup & Archive Docker container and facilitates SSL certificate functionality.

MySQL: MySQL stores Backup and archive application configuration settings. For example, the database stores information about Salesforce org access (Access token and refresh token), datasets, backup templates, CSV file IDs for backed-up objects, and logs for backup and restore jobs. An image of a MySQL database stores application configuration settings in a Docker compose file.

MySQL database is not used to store customer backups.

Storage: Local storage is utilized for storing data in the database, which can be of the following types:

• Storage (SSD gp2)

• Storage (SSD gp3)

• Storage (S3)

Backup & Archive offers backup compression capabilities for different types of files:

• Data and text files can be compressed to 60%. This means their backup size can be reduced by 60% compared to their original size.

• Binary files, on the other hand, cannot be compressed. Their compression factor is 0%, indicating that they cannot be further reduced in size through compression.

Anonymity and VPN usage: The Backup & Archive platform does not support anonymous data sharing or allow anonymous access to any information. However, It works seamlessly with VPNs, and there are no restrictions when using it with VPN connectivity.

Salesforce Shield: Backup & Archive is fully compatible with Salesforce Shield. Salesforce Shield encrypts data at rest, and when using Backup & Archive, data is pulled via APIs without any conflicts.

Backup & Archive and Salesforce Licenses: For Flosum DevOps, Salesforce Standard and Platform licenses are provisioned into the DevOps Production organization. A single Backup & Archive license key can manage multiple Salesforce organizations. Adding more organizations will increase the storage space required on the customer's side and incur an additional cost.

Current Version of Flosum Cloud Applications (i.e., DevOps, Backup & Archive): Please check and confirm the current version of Flosum Backup & Archive on the success portal: [https://success.flosum.com/s/solution].

Flosum Backup & Archive and Flosum DevOps are separate products. Flosum Backup & Archive is not an add-on to Flosum DevOps. Each product has its version number.