Cloud Secure Edge Docs

CSE Home> Private Resources> Generic TCP Services> Publish an Generic TCP Service to Users

Secure Connectivity

Policy Controls

Administer Cloud Secure Edge

More Resources

Register a Generic TCP Infrastructure Service

This article will show you how to create a Infrastructure service to enable access to an internal database located in your private network, so a user can conveniently yet securely connect using their preferred DB management tool.

Updated On: Jun 30, 2025

1. End user requests access to server. User's request is routed to CSE.
2. CSE runs a device trust check via user's org's device manager, which is integrated with the app.
3. Once verified, the device is then authenticated via their org's identity provider.
4. Once authenticated, user's device is issued a Trust Cert. Banyanproxy adds the Trust Cert to the user's request.
5. User's request is passed to the Global Edge Network, relayed to the Connector inside the org's private network, and then sent to the server.

Select the product-team Access Tier
Enter the Service Domain Name for this service mydb.corp.example.com and leave the port as 8443; the Banyan app will connect to this domain to set up an MTLS tunnel so users can access the service