[
  {"timestamp": "0:05", "title": "AWS S3 Access via IAM Roles Implementation", "summary": "Moving from individual user access keys to IAM role-based S3 bucket access requires ARN connections with updated policies for role-based permissions. ETS implements this using ARN for 100+ S3 buckets with KMS key policies configured for both EARN and bucket keys."},
  {"timestamp": "3:00", "title": "On-Premises vs Cloud Role-Based Access Complexity", "summary": "Roles are more complex in on-premises systems due to token authentication and chaining requirements. Cloud-hosted implementations are more intuitive when system connects directly to S3. On-premises deployments require extra authentication layers."},
  {"timestamp": "4:13", "title": "External Partner Cloud Environment File Transfers", "summary": "Cross-cloud transfers between different AWS accounts are supported. No direct detection mechanism for whether S3 is AWS, Azure, or on-premises; system doesn't inherently distinguish deployment type."},
  {"timestamp": "7:20", "title": "Cloud vs On-Premises Installation Parity", "summary": "Cloud-based and on-premises installations use identical software, installers, and policies. Axway managed cloud applies additional rules on top of ST, but core product remains identical across deployment models."},
  {"timestamp": "8:55", "title": "Database Access and Admin Tooling in Cloud Deployments", "summary": "Heavy database query users need read-only access for cleanup queries — identifying unused configurations, dead objects, unassigned transfer sites. API 2.0 consolidates endpoints but doesn't fully replace direct database queries for complex reporting."},
  {"timestamp": "13:23", "title": "Ideas Portal for API Enhancement Requests", "summary": "R&D uses Ideas portal to prioritize missing API capabilities. Feature requests from users directly influence development roadmap. Developers cannot invent features without explicit user requests; portal submissions essential for visibility."},
  {"timestamp": "15:52", "title": "Enterprise Cluster CPU and Memory Sizing", "summary": "24GB RAM with 4 CPUs now considered minimum configuration. Transaction managers running 8-12GB independently. Virtual environments may show high sustained CPU usage (100-200%). Support should investigate potential memory leaks or configuration issues if CPU consistently pegs near max."},
  {"timestamp": "17:39", "title": "Version 5.5 Update Strategy and Continuous Development", "summary": "Currently on version 5.5 with monthly updates; no future major version planned. R&D recommends monthly updates; practical guidance is quarterly (3-4 times yearly) to allow testing and skip bad builds. Never stay more than 1 year behind due to security risk."},
  {"timestamp": "22:06", "title": "File Maintenance Application Slow Rollout", "summary": "File Maintenance application for cleanup should deploy gradually by business unit or user group. Enabling all users at once causes overnight deletion process overload. Stagger user enablement to manage deletion workload."},
  {"timestamp": "23:27", "title": "Cluster Node Synchronization and DNS/Networking Issues", "summary": "Enterprise cluster nodes showing alternating offline status likely caused by DNS caching, networking reset, kernel patch, or security update. Adding server IPs to host files removes DNS dependency. Check networking team for scheduled maintenance coinciding with outages."},
  {"timestamp": "27:08", "title": "Networking Diagnostics for Cluster Connectivity", "summary": "Connection failures between nodes caused by DNS cache leaks or incomplete cache updates. Restart clears memory and networking caches, temporarily fixing issue. Coordinate with OS and networking teams to identify kernel patches or DNS resolver changes introduced within 2 weeks before first failure."},
  {"timestamp": "31:15", "title": "Token-Based API Authentication and OAuth Integration", "summary": "OAuth plugin available but handles authentication only, not authorization. Moving to SAML with external IDP is the cleanest path for token-based auth. Certificate authentication remains basic auth equivalent. Custom HTTPS plugins possible but not delivered out-of-box."},
  {"timestamp": "35:18", "title": "High Availability Across Domains (HADA) Development Status", "summary": "HADA development ongoing; no release date confirmed (expected late 2024 or early 2025). Will require beta partnership. Technological challenges in multi-domain HA persist; solution may not fully match original specifications."},
  {"timestamp": "37:21", "title": "Version Update Frequency and Security Patching", "summary": "Quarterly update cadence recommended (minimum 2-3 times yearly) to allow test cycles and ability to skip bad builds. One-year gaps create security risk. Critical security updates should be applied immediately regardless of schedule."},
  {"timestamp": "39:45", "title": "XUB Gateway to SecureTransport Migration Process", "summary": "Migration is not one-to-one; requires architectural review and sometimes redesign. Effort depends on partner count, protocols, and complexity. Passwords cannot migrate due to hashing vs encryption difference. European services team has 2+ years experience with this migration."},
  {"timestamp": "45:23", "title": "Windows Clustering Unsupported: Application-Level Only", "summary": "Never use Windows OS-level clustering; ST not supported on Windows clustering service. Application-level clustering mandatory. ST is a Unix application ported to Windows and cannot leverage Windows native services for HA."},
  {"timestamp": "48:25", "title": "Database Licensing and Standard vs Enterprise Cluster", "summary": "Standard cluster uses embedded MariaDB; cannot switch to SQL Server, Oracle, or PostgreSQL without enterprise license. Embedded database not user-managed — Axway may change database without notice (migrated MySQL to MariaDB previously)."},
  {"timestamp": "49:59", "title": "Enterprise vs Standard Cluster Technical Differences", "summary": "Enterprise: Failed node auto-rejoins cluster; load-based job distribution. Standard: Manual node reinstatement required; primary dispatcher sends jobs ignoring secondary load. Server logs split across nodes in standard; consolidated in enterprise. Tracking table on primary only in standard cluster."},
  {"timestamp": "52:02", "title": "Windows Service Startup Timing and Boot Issues", "summary": "Database must fully start before other services attempt startup. Windows fix: Set services to manual; create single service that starts database, waits 30+ seconds, then starts remaining services."}
]