Register a Generic TCP Infrastructure Service

This article will show you how to create a Infrastructure service to enable access to an internal database located in your private network, so a user can conveniently yet securely connect using their preferred DB management tool.
Updated On: Jun 30, 2025

1. End user requests access to server. User's request is routed to CSE.
2. CSE runs a device trust check via user's org's device manager, which is integrated with the app.
3. Once verified, the device is then authenticated via their org's identity provider.
4. Once authenticated, user's device is issued a Trust Cert. Banyanproxy adds the Trust Cert to the user's request.
5. User's request is passed to the Global Edge Network, relayed to the Connector inside the org's private network, and then sent to the server.

  • Select the product-team Access Tier

  • Enter the Service Domain Name for this service mydb.corp.example.com and leave the port as 8443; the Banyan app will connect to this domain to set up an MTLS tunnel so users can access the service