riskmatch broker data connectivity overview
TRANSCRIPT
RiskMatchPartnerBrokerDataConnectivityOverview
Privileged & Confidential Information: Not for distribution. US pat. 9,165,324 and pat. 8,666,788
TableofContents
Overview....................................................................................................................................31
InaNutshell...............................................................................................................................32
Extractor....................................................................................................................................333.1 InstallingRiskMatchExtractor.............................................................................................................................................33.2 UsingRiskMatchExtractor.....................................................................................................................................................43.3 WhatIsExtractedByTheExtractor...................................................................................................................................53.4 Requirements...............................................................................................................................................................................5
Uploader....................................................................................................................................644.1 InstallingRiskMatchUploader.............................................................................................................................................64.2 UsingRiskMatchUploader.....................................................................................................................................................74.3 Requirements...............................................................................................................................................................................8
SettingUpAutomaticNightlyUpload.........................................................................................85
Privileged & Confidential Information: Not for distribution. US pat. 9,165,324 and pat. 8,666,788
Overview1ThisdocumentprovidesanoverviewandtherequirementsforloadingdataontoRiskMatch®platform.
InaNutshell2RiskMatchprovidesBrokerITwithaturn-keysolutionconsistingoftwocomponents:‘Extractor’and‘Uploader’.ExtractorisinstalledbyBrokerITononeoftheBroker’sservershavingconnectivitytotheAgencyManagementSystem’sdatabase.Extractorispre-configuredtorunasetofSQLqueriestoextractrequiredinformation.TheextractedinformationisstoredlocallyontheBroker’sserver.Wheninformationisextracted,theExtractorwillinvokeUploader(typicallyinstalledonthesameserver)toencrypttheextractedinformationandtouploadittoRiskMatchservers.Thisisa‘push’solutionfromBrokerinfrastructurepointofview.ThereisnoneedforBrokerITtoengageinanycustomfeeddevelopment.AllSQLqueriesperformedbytheExtractorarevisibletoBrokerIT,aswellastheencryptionstepstakenbyUploader.
Processflow:
1. Extractorexecutablereadsplain-textconfigurationfilewiththeSQLqueries2. ExtractorrunsthequeriesagainstAMSdatabaseserver3. Extractorstorestheextractedinformationlocally4. Uploader(plain-textwindows.cmdscript)zipsthefolder,encryptsit,anduploadstosecurelocationon
AmazonWebServices
Extractor3
3.1 InstallingRiskMatchExtractorRiskMatchExtractorinstallercreatesready-to-usewindows.cmdscriptsthatwillperformallthestepsrequiredtoextractthedatafromAgencyManagementSystem(s).
Privileged & Confidential Information: Not for distribution. US pat. 9,165,324 and pat. 8,666,788
YourITteamwillreceiveanexecutableinstallerfromRiskMatchITteam,generatedspecificallyforyourbrokercompanyandforthespecifictype(s)ofyourAgencyManagementSystem(s)(AMS360/EPIC/Sagitta/Vision/TAM).Onelaunched,theinstallerwillperformthefollowingactions:
1. Createadirectorywewillrefertoas‘RiskMatchExtractorHomeDirectory’inthissection(werecommendusingthedefaultlocationof‘C:\RMExtractor’)
2. Generate.cmdscripts(inRiskMatchExtractorHomeDirectory)toperformextractionofthedata.
3.2 UsingRiskMatchExtractorUnderRiskMatchExtractorHomeDirectorythereisanindividualdirectoryforeachinstanceoftheAgencyManagementSystemtoextractthedatafrom.ThetypesandquantitiesofeachAgencyManagementSystemwouldhavetobeprovidedtoRiskMatchITinadvanceandthecustom-builtextractorwillhaveeverythingpre-configured.ForeachAgencyManagementSystemthefolderwillcontainthefollowing:
• bin(directory)–containstheexecutable• prod-configuration.properties–containsalltheparametersfortheextractor,includingSQLqueriestobe
executedandthedirectorywheretostoreextracteddata• prod-credentials.properties–containstheSQLServerconnectivityinformation:nameoftheserver,name
ofthedatabaseinSQLServer,andlogin/passwordforSQLServerauthentication(incaseIntegrated
Privileged & Confidential Information: Not for distribution. US pat. 9,165,324 and pat. 8,666,788
Securityisusedlogin/passwordsectioncanbeblank).ThisfileispopulatedbytheBrokerIT,RiskMatchdoesnotneedtoknowanyoftheconnectivitydetailsorcredentials.
• prod-extract.cmd–willruntheextractorandwillstoretheextractedfilesinthedirectoryspecifiedinprod-configuration.propertiesfile.ThisscriptdoesnotuploadanythingtoRiskMatch.
• prod-extract-upload.cmd–willrunprod-extract.cmdandthenwillinvoketheUploadertoencryptthedataanduploadittoRiskMatchservers.ThisisthefilethatwillbescheduledbyBrokerITtorunonadailybasis(typicallyduringthenight).
Note:inthesamedirectoryyouwillseesimilarfileswhosenamesstartwith‘test’insteadof‘prod’.Thesefileswillbeusedincasefurthercustomizationisrequired(forexampleSQLqueriesareadded/changed)butthechangesmustbetestedpriortoapplyingthemtowhatiscurrentlyisthe‘live’configurationoftheextractor(in‘prod’files)
3.3 WhatIsExtractedByTheExtractorThefulllistofextracteddatatablesisspecifictotheAgencyManagementSystemandtotheBroker,andcanbefoundinprod-configuration.propertiesconfigurationfileoftheExtractor.Onahighlevel,thefollowingentitiesareextracted:
PolicyOnlytheCommercialProperty&Casualtypolicies:• Allboundpoliciesthatare:
(a)Currentlyinforce,or(b)Startedorexpiredafter1/1/2014
Endorsements/Transactions
Changesoramendmentstothepolicies.Client
Clientandnameinsuredreferencedbytheextractedpolicies.Party
Thisconsistsofinformationaboutentitiesthatthebrokerdoesbusinesswith,orhasarelationshipwith.Itcanbetheinsurer,issuingpaper,pay-to,wholesaler,MGA,MGA-wholesaler,captive,syndicateetc.
Person
Personnelworkingfor,oronbehalfofthebrokerorganization,liketheaccountexecutive,specialistetc.
VariousReferenceDataVariousmetadatasuchlistingofLinesofBusiness,Offices,Departments,Agencies,typesofTransactionCodesetc.
3.4 RequirementsExtractorcanberunonthefollowingoperatingsystems:
• Windows7(32and64bit)• Windows8(32and64bit)• WindowsServer2003SP2(32and64bit)• WindowsServer2008(32and64bit)• WindowsServer2008R2(64bit)• WindowsServer2012(64bit)• WindowsServer2012R2(64bit)• WindowsServer2016(64bit)
MinimumHardwarerequirements:
• 2GBofRAM• 1.2GHzCPU
Privileged & Confidential Information: Not for distribution. US pat. 9,165,324 and pat. 8,666,788
• 2GBoffreespaceonHDDNetworkConnectivityrequirements:
• Epic/AMS360/Vision:SinceextractorwillbeextractingthedatafromtheAgencyManagementSystem(s),itneedstobeabletoexecuteSQLqueriesagainsttheSQLServerstoringtheAgencyManagementSystem’sdata:
o TheserveronwhichExtractorwillbeinstalledmusthavenetworkconnectivitytotheSQLServerinordertoexecuteSQLqueries
§ ForAMS360deployedintheVertaforecloud,thebrokerneedstoworkwithVertaforetopurchaseandconfigurenecessaryVPNequipmenttoestablishVPNconnectivitytotheSQLserverintheVertaforecloud
§ ForEPICdeployedintheAppliedSystemscloud,thebrokerneedstoworkwithAppliedSystemstopurchaseandconfigurenecessaryVPNequipmentaswellasbroker-hostedMSSQLServerinstanceintowhichAppliedwillbepushingthereplicateddatafromtheircloudSQLServer(AppliedSystemsreferstothisprocessasBDE–BulkDataExtract)
o SQLServerauthentication:eitherviaIntegratedSecurity(viaOSuser–thisistherecommendedoptionunlessSQLServerishosted/managedbyVertaforeorAppliedSystems)orviaexplicitSQLServerusercredentials(sinceExtractorisinstalledandconfiguredonBroker’sserverbyBroker’sITpersonnel,RiskMatchdoesnotneedtoeverknowthesecredentials)
§ SQLServerpermissions:regardlessofthesqlserverauthentication,thesqluseronlyneedsread-onlyaccesstotheEpic/AMS360/Visionschema
• Sagitta:ExtractorusesODBCconnectionofUniVersedatabase• TAM:sinceTAMisVisualFoxPro-based,thewindowsuseraccountrunningtheextractorexecutablemust
haveaccesstotwonetworkdirectorieswhereTAMstoresitsdatafiles(namesofthedirectoriesare:TAM,APPS).
o Whenconfiguringextractor,itisrecommendedinsteadofmappeddrivenamestouseserversharepaths(i.e.insteadofG:\TAM;G\APPStospecify\\share\applied\TAM;\\share\applied\APPS)
Uploader4
4.1 InstallingRiskMatchUploaderRiskMatchUploaderinstallercreatesready-to-usewindows.cmdscriptsthatwillperformallthestepsrequiredtozip,encrypt,anduploadthefile(s)fromspecificdirectorytoRiskMatch,withoutyouhavingtoconfigureanything.YourITteamwillreceiveanexecutableinstallerfromRiskMatchITteam,generatedspecificallyforyourbrokercompanyandpre-configuredwithyoursecuritycredentials.Onelaunched,theinstallerwillperformthefollowingactions:
1. InstallAWSCommandLinesupport2. InstallGnuPGandaddRiskMatchpublickeytoitskeyring(thisstepisoptionalstepincaseyoupreferto
usePGP)3. Createadirectorywewillrefertoas‘RiskMatchUploaderHomeDirectory’inthissection(werecommend
usingthedefaultlocationof‘C:\RMUploader’)4. Puta7-zipcommandlineexecutableinRiskMatchUploaderHomeDirectory(thisisusedtozipfilesfor
upload.Ifyouhavewinzipinstalledyoucanchangethe.cmdscripttousewinzipifyouprefer).5. Generate.cmdscripts(inRiskMatchUploaderHomeDirectory)withcorrectsecuritycredentialsandAWS
uploaddestinationsothatyoucanusethesescriptsrightawaytouploadtestfiles.
Privileged & Confidential Information: Not for distribution. US pat. 9,165,324 and pat. 8,666,788
4.2 UsingRiskMatchUploaderUnderRiskMatchUploaderHomeDirectorythereisanindividualdirectoryforeachinstanceoftheAgencyManagementSystemtouploadthedatafrom.ThetypesandquantitiesofeachAgencyManagementSystemwouldhavetobeprovidedtoRiskMatchITinadvanceandthecustom-builtUploaderwillhaveeverythingpre-configured.
Privileged & Confidential Information: Not for distribution. US pat. 9,165,324 and pat. 8,666,788
ForeachAgencyManagementSystemthefolderwillcontainthefollowing:
• prod-data-dropbox(directory)–thisisadirectorywheretheExtractorwillbeputtingthedatafile(s)touploadtoRiskMatch.Thereisnoneedtocleanthisdirectory,theExtractorscriptswilldothatautomatically.Foryouconveniencethereisasimpleprod-clean.cmdscriptthatyoucanusetocleanthisdirectory.
• prod-internal(directory)–internaldirectoryusedbyprod-riskmatch-upload.cmdtopreparethezipfileandencryptit.Youdon’thavetocleanthisdirectory,itisdoneautomaticallybythescript.Basically,justignorethisdirectory.
• prod-riskmatch-upload.cmd–thescripttozip,encrypt,anduploadthefilesfromprod-data-dropboxdirectory.ThisisthescripttouploadyourdatatoRiskMatch.
• prod-clean.cmd–simplescripttocleanprod-data-dropboxdirectoryNote:inthesamedirectoryyouwillseesimilarfileswhosenamesstartwith‘test’insteadof‘prod’.Thesefileswillbeusedincasefurthercustomizationisrequired(forexample,Extractor’sSQLqueriesareadded/changed)butthechangesmustbetestedpriortoapplyingthemtowhatiscurrentlyisthe‘live’configurationknowntoRiskMatchTMPlatform.
4.3 RequirementsTheOS/hardwarerequirementsforUploaderarethesameasfortheExtractor.NetworkConnectivityrequirements:
• OutboundconnectionsonTCPport443mustbeenabledfors3.amazonaws.com
SettingUpAutomaticNightlyUpload5ToconfigureautomaticnightlyuploadtoRiskMatch:
1. Usingwindowstaskscheduler,setupadailytask(ifsomeUIparameterisnotspecifiedbelowitmeansusethedefaultvalue):
a. Name:RMExtractor(anynamewillwork,thisisjustaconvention)
b. Action:C:\RMExtractor\<agencyname>\prod-<amstype>-extract-upload.cmd
Privileged & Confidential Information: Not for distribution. US pat. 9,165,324 and pat. 8,666,788
c. Trigger:dailyanytimeduringtheoff-businesshours,forexampleat2:00am
d. Tickthe‘OpenthePropertiesdialog’checkbox:
2. OntheGeneralpropertiesyouhavetospecify3things:
Privileged & Confidential Information: Not for distribution. US pat. 9,165,324 and pat. 8,666,788
a. SpecifytheadministrativeuserwhohasaccesstotheC:\RMExtractorandC:\RMUploaderfolders
(andincaseofTAM–tonetworkshareofTAMandAPPSdirectoriesasdiscussedin‘ExtractorRequirements’section)
b. Select‘Runwhetheruserisloggedonornot’c. Select‘Runwithhighestprivileges’