This page provides an introduction to the core concepts for peering that are relevant to Peer Manager.
Once established, you can use peer connections to share data between distinct spaces across two Foundry enrollments. A peer connection's configuration controls the types of data that may peer, the direction the data will peer, and the set of classification and other markings that can peer over the connection.
Through a peer connection, you can peer Foundry objects, object sets configured in Object Explorer, and Artifacts.
It is not yet possible to peer other Foundry resources over an established peer connection, such as Workshop applications. However, you can use Marketplace to distribute Workshop applications as well as other Foundry data products. When used together, Marketplace and peering enable you to create real-time collaborative workflows across enrollments.
A peer connection's security defines the set of security markings that are allowed to peer over the connection.
The classification marking on the peer connection defines the highest classification that is allowed to peer. Resources with Classification-based Access Control (CBAC) markings up to and including the peer connection's CBAC will be allowed to peer.
The markings on a peer connection provide an additional level of access control, as any markings on the resource to peer must be included in the peer connection's security.
Only data which satisfies the peer connection's security requirements may peer using that connection. Review the table below to help you determine how peering security functions in practice.
| Peer connection security | Resource to peer's classification | Resource to peer's additional markings | Will resource peer? |
|---|---|---|---|
| MOCK SECRET with no additional markings | MOCK UNCLASSIFIED | Operational | ❌ No. The Operational marking on the resource to peer is not included on the peer connection. |
| MOCK SECRET with no additional markings | MOCK SECRET | None | ✅ Yes |
MOCK SECRET with additional markings [Operational, Exercise] | MOCK UNCLASSIFIED | Operational | ✅ Yes |
MOCK SECRET with additional markings [Operational, Exercise] | MOCK SECRET | None | ✅ Yes |
Users can only manage a peer connection if they can manage the associated local space.
Peer Manager sends data between spaces via peering jobs. Each job corresponds to a specific data type sent in a particular direction. Peer Manager enumerates all jobs for a given connection in the connection's Overview page.