Security Description. FastViewer GmbH. Seite 1
|
|
- Dylan Ross
- 7 years ago
- Views:
Transcription
1 Security Description Seite 1
2 TABLE OF CONTENTS General Procedure Overview of Connection Setup General Security Features Security Features (Modules) Certificates Used (Codes) Certificates Used (SSL) External Certificates Data Protection Seite 2
3 GENERAL PROCEDURE Encryption method and data security The master module first obtains a list of the actively available FastViewer communication servers from multiple redundant web servers over HTTP. The master module looks for the fastest communication server, which is used for the subsequent session. This guarantees 100% reliability. The FastViewer Customer Portal can be used to configure whether communication should occur via servers distributed worldwide, across Europe, or exclusively in Germany. The master module then connects to the selected FastViewer communication server. It does this via port 5000 (TCP), port 443 (HTTPS) or port 80 (HTTP) or an existing proxy server, if present. The 6-digit session ID is obtained via this connection. This session ID is usually transmitted to the session partner over the telephone or by . The session partner then enters the obtained session ID into the client module. The client module also obtains the list of actively available FastViewer communication servers. The client module connects to the FastViewer communication server via port 5000 (TCP), port 443 (HTTPS) or port 80 (HTTP) or via an existing proxy server, if present. The master module and the client module then negotiate a 256-bit AES key (using the Rijndael algorithm). To ensure that data cannot be read at either the FastViewer communication server or at any other point in the connection, the rest of the communication takes place only via the 256- bit AES-encrypted connection. The FastViewer communication server is NOT able to decrypt the data because it is never in possession of the 256-bit AES key (see also the TÜV certificate)! The screen transfer then occurs in the desired direction. The session partner can stop the remote control at any time by pressing the "F11 key" on his or her keyboard. 1 Seite 3
4 GENERAL PROCEDURE Security features of FastViewer Secure Advisor With FastViewer Secure Advisor, a particularly intensive level of protection is required. This is ensured by triple security mechanisms: 1 Since the installed remote client requires only an outbound connection, remote access from the outside is not visible. Consequently, no hacker attacks are possible because no incoming port is open. 2 FastViewer works like a debit card with a PIN. Login requires possession of the appropriate FastViewer EXE file for the client and knowledge of the right login credentials. 3 Additional protection to guarantee security is provided through the Windows login. Extended protection mechanism through SMS authentication In addition to the previously mentioned security features, an SMS authentication function is available. To enable access the overview of remote devices, it is necessary to enter a login code, which is sent to the respective registered phone number. This ensures that remote maintenance sessions on remote clients are only possible exclusively by authorized personnel. Independence through own server solution Another possibility is to use your own server solution. This solution can be used completely independently of our IT infrastructure. All sessions are handled through your own server independently of the FastViewer communication servers. This variant uses the same security standards as described above. Multiple redundant systems can guarantee reliability. Rijndael algorithm In the year 2000, the National Institute of Standards and Technology established the Rijndael algorithm as the official standard, known as the Advanced Encryption Standard (AES). Fifteen potential candidates were involved in the three-year selection process. During the competition, the encryption formulas of the individual candidates were made public so that they could be tested (attacked) publicly by the competitors. From among the finalists, the Rijndael algorithm was selected as providing the "best combination of security, performance and effectiveness." (Source: ) 2 Seite 4
5 OVERVIEW SETTING UP A CONNECTION 1 Redundancy The master module looks for the fastest available communication server, which is then used for the subsequent session. If you are using your own server solution, a list of the available communication servers is stored in both the master module and the client module. If you are using multiple servers of your own, or if the FastViewer server is being used, the master module checks which server can respond the fastest to the request. This server provides the session ID and acts as the communication server for the session. This approach ensures a uniform load on the servers. The load is distributed automatically. 300 ms ms 1000 ms Closed corporate network etc. 1 Strict separation of servers If customers use their own server solution, the connection is set up only to the defined servers. If different versions are used, the FastViewer update server is accessed, unless the customers provide the versions themselves. This access can be securely prevented on request. In short, it is possible to ensure exclusive and secure communications within a defined corporate network. 3 Seite 5
6 GENERAL SECURITY FEATURES CRC check A checksum is built into the program code when compiling the EXE files. If this checksum is modified or hacked using a tool, the program can no longer be started due to a checksum error. This effectively prevents unwanted changes to the program code and ensures the functionality of all the defined security features. Video recording A video recording, which starts automatically on request, can be activated for verification purposes at both the customer and supporter ends. The video file is linked to the player in a separate, unmodifiable format and is output as an independent EXE file. This prevents subsequent manipulation. Log files After a session, a comprehensive log is made available, which allows conclusions to be drawn about the duration (start and end), host names and IP addresses involved. This log can be exported for evaluation purposes. Access is enabled via either the FastViewer-specific customer portal or the log viewer (if you are using your own server solution). Installation-free FastViewer is an application that does not have to be installed by either the supporter or the customer (except for Secure Advisor Remote Client, which is installed as a service). After a remote maintenance session, the program modules exit cleanly without any residual effects. This means that no interventions into the customer system and subsequent access to the remote system are possible. 4 Seite 6
7 SECURITY FEATURES (MODULES) Video recording 2 Logging The master and client modules independently enable the active session to be recorded. The video is saved in a separate format and permanently linked to our own player. At the remote end, it is always apparent when a video recording takes place. Information on the session being conducted is stored in an online log during a session. This information includes the FastViewer user name, session ID, number of participants, FastViewer version number, Windows login name, host names, IP addresses, free-text items and time stamp. The logs can be evaluated and exported via the customer portal or by using a separate tool if you are using your own server solution. 3 User Management 4 Pause function The user management can protect the master module against unauthorized access. The presenter can pause the active session at any time. This freezes image transmission. 5 Protection functions 6 Active Directory The user always retains control over the remote maintenance activities. The control rights can be withdrawn from the supporter by pressing the F11 key. The user has the option of canceling file access or the entire session at any time. Exported user keys can also be read from an existing Active Directory. These keys protect the module from being executed outside the domain. 7 Black list / White list 8 Application filter A black list or white list can be configured in the customer portal to make applications selectively available or to block access. This setting cannot be changed during the active session. Before the remote desktop is transmitted, the presenter has the opportunity to select the specific applications to be transmitted. You can also follow the same procedure for the desktop and task bar or newly launched applications. Security You can, description of course, also share the entire desktop. 5 Seite 7
8 SECURITY FEATURES (MODULES) Features 10 Ending a session All features can be configured via the customer portal. This makes it possible to customize the interaction between all security features. For example, file transfer and file storage can be prevented. Client control can also be prevented. The customer is able to end the session at any time. This is done by clicking on the Close button in the FastViewer sidebar. In addition, the customer has the option to stop the remote control by pressing the "F11 key" on his or her keyboard. The customer can thus actively prevent changes to his or her system and terminate access. 11 File transfer If the remote system is accessed by file transfer during an active session, multiple security barriers go into effect. The supported customer must approve the file transfer. If the approval is not granted, the file system cannot be accessed. A shared file transfer or file system access can, of course, also be canceled at any time. 6 Seite 8
9 SECURITY FEATURES (MODULES) Secure Advisor (Remote Access) Especially intensive protection mechanisms, which are carried out in addition to the activities described above, are needed for the remote access (installed service) of FastViewer Secure Advisor. 12 Outgoing connection 13 Access restriction The remote client is invisible to outside attacks due to its exclusively outgoing connection. Access is enabled only through the input of a user name and the associated password. 14 As secure as a debit card 15 Windows protection FastViewer works like a debit card with a PIN. Login requires possession of the appropriate FastViewer EXE file for the client and knowledge of the right login data. Additional protection is provided by the upstream Windows application of the client (subject to the respective Windows security settings). 16 Service settings 17 Timeout The user must activate the service to grant access (configurable). A timeout can be set. The customer decides whether or not access is granted after this timeout. 7 Seite 9
10 CERTIFICATES USED (CODE) Thawte code signing A thawte code-signing certificate is strongly recommended for all publishers who distribute code or content over the Internet or corporate extranets and who must ensure the integrity and authorship of that code. Features and benefits Signing of active content such as ActiveX, macros, MIDlet (J2ME) and Java Applets for secure electronic distribution via the Internet. This authenticated digital signature is used to efficiently verify your software source before it is downloaded: This ensures that your active content or code cannot be maliciously modified, grants your users access to the responsible publisher and offers the advantage of the secure thawte certification procedure on a global level. Online certificate status A major software vendor has released a beta version of its browser, which automatically checks the certificate status. This new testing protocol will accelerate thawte certificate validation, while reducing the misuse of invalid certificates and displaying the company data immediately to the end user. thawte has invested in its infrastructure and now offers a new "online certificate status protocol (OCSP)" instead of the old "certificate revocation lists (CRL)". Not all CAs can offer and support this service. For more information, visit 8 Seite 10
11 CERTIFICATES USED (SSL) Server certificate requests By default, FastViewer communication occurs over TCP 5000 or over HTTPS 443 or HTTP 80 as alternatives. Customers who use their own server solution of FastViewer can decide which ports to use for the communication. Operating FastViewer exclusively over HTTPS provides enhanced security, since this makes it possible to verify the "authenticity" of the tunnel server(s) by the standard SSL encryption method. The communication server requires an IP address and an SSL certificate to operate using HTTPS. Viewers can check which protocol is connecting them to the tunnel server in the FastViewer connection. It is possible to allow only valid HTTPS connections on a proxy server or firewall, which means that a connection will only be established if valid SSL certificates are recorded on the tunnel server. The SSL certificate can be easily checked by calling it from Internet Explorer. e.g.: -> Right mouse button: Properties -> Certificates Authentication Authentication is used so that each party can verify the identity of the other party to the connection - a problem that is becoming more and more significant due to phishing attacks. HTTPS HTTPS is used for encrypting and authenticating communication between web servers and browsers on the World Wide Web. Syntax HTTPS is syntactically identical to the scheme for HTTP; the additional encryption of data is done via SSL/TLS: a protected identification and authentication of the communicating parties is initially performed using the SSL handshake protocol. A shared symmetrical session key is then exchanged using asymmetrical encryption or the Diffie- Hellman key exchange. This method is ultimately used to encrypt the user data. 9 Seite 11
12 EXTERNAL CERTIFICATES TÜV Süd We require our communication solution to meet the strictest data security standards. We subjected our software to one of the toughest tests so that the people you deal with will have complete confidence in you and the solution you have deployed. FastViewer is the world's first desktop sharing solution that has received the TÜV SÜD certificate for data security and functionality. FastViewer Instant Meeting (formerly Confered) and Secure Advisor (formerly Supported) were meticulously tested for functionality and data security according to the guidelines: ISO/IEC 25051:2014 (functionality), PPP 13011:2008 (data security & safety) BISG The German Federal Association of IT Experts and Consultants (BISG) has awarded FastViewer its prestigious seal of quality and describes the product's performance as "very good." In particular, the testers praised the product's lean architecture, installationfree use, outstanding handling and excellent stability. The testers also praised the fact that the user interface is transparently designed for users and thus avoids a steep learning curve. All in all, it is rated as an excellent product. FastViewer offers all options for connection types as well, including, for example, an HTTP client for tunnel connections (even behind firewalls), secure direct connections (encrypted) and direct connections. Since Fast- Viewer never acts as a server, it also meets modern security guidelines without sacrificing balanced performance. The German Federal Association made the following concluding comments: "In summary, FastViewer is a product that is impressive in its flexibility and user-friendliness". 10 Seite 12
13 DATA PROTECTION BDSG excerpt The following is an overview of the data protection aspects relevant to FastViewer, as regulated in Section 9, Technical and Organizational Measures, of the BDSG (German Federal Data Protection Act). 1. Access control Unauthorized persons must be prevented from accessing data processing systems with which personal data is processed or used. The server room of FastViewer can only be accessed by persons authorized to enter the server room. The lock on the steel door to this room prevents unauthorized access by external or third parties. 3. Access control Steps must be taken to ensure that persons authorized to use a data processing system have access only to the data they are authorized to access, and that personal data cannot be read, copied, altered or removed without authorization during processing, use and after recording. Personal data can be edited only by administrators using their access authorization. Employees cannot edit or copy personal data stored in the system or manipulate this data in any other unauthorized manner. Employees are divided into groups that have different access authorizations for the data records. This is guaranteed by a Windows server structure in conjunction with the "Active Directory." 2. Access control Steps must be taken to prevent unauthorized third parties from using data processing systems. Access to the premises of the data processing equipment is protected, and all equipment and IT systems are provided with constantly changing passwords. These passwords are changed on a monthly basis. If a user does not change the password, the system will force him or her to do so. 11 Seite 13
14 DATA PROTECTION 4. Disclosure control Steps must be taken to ensure that personal data cannot be read, copied, altered or removed without authorization during electronic transfer or transport or while being recorded onto data storage media, and that it is possible to determine and check to which entities personal data is to be transferred using data transmission facilities. Personal data from the IT system is protected against unauthorized copying to data media. In the case of FastViewer, data is generally not copied to data media and used outside the company. If an employee works in the field over a VPN connection, access is protected by a firewall and corresponding antivirus, spyware removal and anti-hacker software. Protection is provided from both the server and the user computers by installing corresponding software. Antivirus software: Sophos Endpoint Security and Control Hardware firewall: Sophos UTM9 (Internet gateway with incoming and outgoing virus scans as well as spyware checks). 6. Input control Steps must be taken to ensure that it is possible after the fact to check and ascertain whether personal data has been entered into, altered or removed from data processing systems and if so, by whom. Every modification, deletion or processing of data and data records is stored in the FastViewer IT system (Selectline inventory management system). It is possible to track which user has made what change and when, etc., at any time. This report is visible only to administrators and is analyzed and monitored on a weekly basis. 6. Job control Steps must be taken to ensure that personal data processed on behalf of others is processed strictly in compliance with the controller's instructions. Only administrators have the authorization to edit personal data. These administrators can edit the relevant data in accordance with the written instructions of the client. 12 Seite 14
15 DATA PROTECTION 7. Availability control Steps must be taken to ensure that personal data is protected against accidental destruction or loss. The servers are backed up fully on a daily basis. All servers have mirrored hard drives in RAID systems and are equipped with redundant components. The equipment used can be remotely serviced and administered at any time via the FastViewer software solution. The communication servers used for this purpose are located in highly secure data centers. For the connections themselves, one of the highest quality encryption methods is used to ensure an appropriate security standard. (256 bit AES) 8. Separation control Steps must be taken to ensure that data collected for different purposes can be processed separately. Our system guarantees that data collected for different purposes can also be processed separately. This data is stored in the inventory management system (Selectline). All critical systems are subject to permanent monitoring through the monitoring software of the manufacturer Paessler. If critical values regarding the availability or performance of the networks or used devices are reached, the supervising administrators are notified immediately by /sms. The targeted monitoring of system components and processes helps prevent system bottlenecks, congestion and failures. Due to the comprehensive functionality of the monitoring systems by Paessler, it is possible to monitor and document the overall status of the network as well as the individual devices 24 hours a day. The monitoring report is regularly evaluated by an authorized administrator. 13 Seite 15
Security Policy Revision Date: 23 April 2009
Security Policy Revision Date: 23 April 2009 Remote Desktop Support Version 3.2.1 or later for Windows Version 3.1.2 or later for Linux and Mac 4 ISL Light Security Policy This section describes the procedure
More informationFileCloud Security FAQ
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
More informationSSL VPN Technology White Paper
SSL VPN Technology White Paper Keywords: SSL VPN, HTTPS, Web access, TCP access, IP access Abstract: SSL VPN is an emerging VPN technology based on HTTPS. This document describes its implementation and
More informationSonicWALL Email Security Quick Start Guide. Version 4.6
SonicWALL Email Security Quick Start Guide Version 4.6 Quick Start Guide - Introduction This document guides you through the most basic steps to set up and administer SonicWALL Email Security. For more
More informationSecurity from the Ground Up eblvd uses a hybrid-asp model designed expressly to ensure robust, secure operation.
eblvd enables secure, cloud-based access to a PC or server over the Internet. Data, keyboard, mouse and display updates are transmitted over a highly compressed, encrypted stream, yielding "as good as
More informationSecuring your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate thawte thawte thawte thawte thawte 10.
Securing your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate A STEP-BY-STEP GUIDE to test, install and use a thawte Digital Certificate on your MS IIS Web
More informationCleaning Encrypted Traffic
Optenet Documentation Cleaning Encrypted Traffic Troubleshooting Guide iii Version History Doc Version Product Date Summary of Changes V6 OST-6.4.300 01/02/2015 English editing Optenet Documentation
More information2.2.1. Astaro User Portal: Getting Software and Certificates...13. 2.2.2. Astaro IPsec Client: Configuring the Client...14
1. Introduction... 2 2. Remote Access via IPSec... 2 2.1. Configuration of the Astaro Security Gateway... 2 2.2. Configuration of the Remote Client...13 2.2.1. Astaro User Portal: Getting Software and
More informationRetention & Destruction
Last Updated: March 28, 2014 This document sets forth the security policies and procedures for WealthEngine, Inc. ( WealthEngine or the Company ). A. Retention & Destruction Retention & Destruction of
More informationSmart Card Authentication. Administrator's Guide
Smart Card Authentication Administrator's Guide October 2012 www.lexmark.com Contents 2 Contents Overview...4 Configuring the applications...5 Configuring printer settings for use with the applications...5
More informationThe All-in-One Support Solution. Easy & Secure. Secure Advisor
The All-in-One Support Solution. Easy & Secure. Secure Advisor Secure Advisor - A Perfect Solution for Online Support Fast and easy remote support from anywhere Problems that often sound complicated on
More informationSecuring your Online Data Transfer with SSL
Securing your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4. What does
More informationSecure Web Access Solution
Secure Web Access Solution I. CONTENTS II. INTRODUCTION... 2 OVERVIEW... 2 COPYRIGHTS AND TRADEMARKS... 2 III. E-CODE SECURE WEB ACCESS SOLUTION... 3 OVERVIEW... 3 PKI SECURE WEB ACCESS... 4 Description...
More informationBlackBerry Enterprise Service 10. Secure Work Space for ios and Android Version: 10.1.1. Security Note
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
More informationSSL... 2 2.1. 3 2.2. 2.2.1. 2.2.2. SSL VPN
1. Introduction... 2 2. Remote Access via SSL... 2 2.1. Configuration of the Astaro Security Gateway... 3 2.2. Configuration of the Remote Client...10 2.2.1. Astaro User Portal: Getting Software and Certificates...10
More informationAstaro Security Gateway V8. Remote Access via SSL Configuring ASG and Client
Astaro Security Gateway V8 Remote Access via SSL Configuring ASG and Client 1. Introduction This guide contains complementary information on the Administration Guide and the Online Help. If you are not
More informationConfiguration Guide. SafeNet Authentication Service. SAS Agent for Microsoft Outlook Web Access 1.06
SafeNet Authentication Service Configuration Guide 1.06 Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationXIA Configuration Server
XIA Configuration Server XIA Configuration Server v7 Installation Quick Start Guide Monday, 05 January 2015 1 P a g e X I A C o n f i g u r a t i o n S e r v e r Contents Requirements... 3 XIA Configuration
More informationCornerstones of Security
Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to
More informationSecuring your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application INDEX 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4.
More informationPcounter Mobile Guide
Pcounter Mobile Guide Pcounter Mobile Guide 2012.06.22 Page 1 of 19 1. Overview... 3 2. Pre-requisites and Requirements... 4 2.1 Gateway server requirements... 4 2.2 Mobile device requirements... 4 2.3
More informationTo begin, visit this URL: http://www.ibm.com/software/rational/products/rdp
Rational Developer for Power (RDp) Trial Download and Installation Instructions Notes You should complete the following instructions using Internet Explorer or Firefox with Java enabled. You should disable
More informationNEFSIS DEDICATED SERVER
NEFSIS TRAINING SERIES Nefsis Dedicated Server version 5.2.0.XXX (DRAFT Document) Requirements and Implementation Guide (Rev5-113009) REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER Nefsis
More informationCorporate and Payment Card Industry (PCI) compliance
Citrix GoToMyPC Corporate and Payment Card Industry (PCI) compliance GoToMyPC Corporate provides industryleading configurable security controls and centralized endpoint management that can be implemented
More informationSSL Overview for Resellers
Web Security Enterprise Security Identity Verification Services Signing Services SSL Overview for Resellers What We ll Cover Understanding SSL SSL Handshake 101 Market Opportunity for SSL Obtaining an
More informationSteps for Basic Configuration
1. This guide describes how to use the Unified Threat Management appliance (UTM) Basic Setup Wizard to configure the UTM for connection to your network. It also describes how to register the UTM with NETGEAR.
More informationSecurity Digital Certificate Manager
System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure
More informationSecurity Digital Certificate Manager
IBM i Security Digital Certificate Manager 7.1 IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in Notices,
More informationVirtual Appliance Setup Guide
The Barracuda SSL VPN Vx Virtual Appliance includes the same powerful technology and simple Web based user interface found on the Barracuda SSL VPN hardware appliance. It is designed for easy deployment
More informationSecure VidyoConferencing SM TECHNICAL NOTE. Protecting your communications. www.vidyo.com 1.866.99.VIDYO
TECHNICAL NOTE Secure VidyoConferencing SM Protecting your communications 2012 Vidyo, Inc. All rights reserved. Vidyo, VidyoTechnology, VidyoConferencing, VidyoLine, VidyoRouter, VidyoPortal,, VidyoRouter,
More informationViPNet ThinClient 3.3. Quick Start
ViPNet ThinClient 3.3 Quick Start 1991 2014 Infotecs Americas. All rights reserved. Version: 00060-07 34 02 ENU This document is included in the software distribution kit and is subject to the same terms
More informationDecryption. Palo Alto Networks. PAN-OS Administrator s Guide Version 6.0. Copyright 2007-2015 Palo Alto Networks
Decryption Palo Alto Networks PAN-OS Administrator s Guide Version 6.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 www.paloaltonetworks.com/company/contact-us
More informationSophos UTM. Remote Access via PPTP. Configuring UTM and Client
Sophos UTM Remote Access via PPTP Configuring UTM and Client Product version: 9.000 Document date: Friday, January 11, 2013 The specifications and information in this document are subject to change without
More informationSAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG)
SAFE-T RSACCESS REPLACEMENT FOR MICROSOFT FOREFRONT UNIFIED ACCESS GATEWAY (UAG) A RSACCESS WHITE PAPER 1 Microsoft Forefront Unified Access Gateway Overview 2 Safe-T RSAccess Secure Front-end Overview
More informationThe Conference Room of Today. Easy & Secure. Instant Meeting
The Conference Room of Today. Easy & Secure. Instant Meeting Instant Meeting - The Conference Room of Today Set up and attend meetings easily - from anywhere and at any time Whether for online meetings,
More informationWindows Remote Access
Windows Remote Access A newsletter for IT Professionals Education Sector Updates Issue 1 I. Background of Remote Desktop for Windows Remote Desktop Protocol (RDP) is a proprietary protocol developed by
More informationUBS KeyLink Quick reference WEB Installation Guide
ab UBS KeyLink Quick reference WEB Installation Guide Table of contents 1. Introduction 3 1.1. Why is an Installation needed? 3 1.2. Is UBS KeyLink secure? 3 1.3. Information about Secure Sockets Layer
More informationJava Remote Desktop. Java Remote Desktop. The Manual of Java Remote Desktop 1.12. J3PSoftware Revision 2.0 1
Java Remote Desktop The Manual of Java Remote Desktop 1.12 J3PSoftware Revision 2.0 1 1.I About Java Remote Desktop 1.II About this manual 2 Java Remote Desktop Versions 2.1 Java Remote Desktop 2.2 Java
More informationConnecting an Android to a FortiGate with SSL VPN
Connecting an Android to a FortiGate with SSL VPN This recipe describes how to provide a group of remote Android users with secure, encrypted access to the network using FortiClient and SSL VPN. You must
More informationEntrust Managed Services PKI. Getting started with digital certificates and Entrust Managed Services PKI. Document issue: 1.0
Entrust Managed Services PKI Getting started with digital certificates and Entrust Managed Services PKI Document issue: 1.0 Date of issue: May 2009 Copyright 2009 Entrust. All rights reserved. Entrust
More informationVPN. Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu
VPN Date: 4/15/2004 By: Heena Patel Email:hpatel4@stevens-tech.edu What is VPN? A VPN (virtual private network) is a private data network that uses public telecommunicating infrastructure (Internet), maintaining
More informationGoToMyPC Corporate Advanced Firewall Support Features
F A C T S H E E T GoToMyPC Corporate Advanced Firewall Support Features Citrix GoToMyPC Corporate features Citrix Online s advanced connectivity technology. We support all of the common firewall and proxy
More informationCampus VPN. Version 1.0 September 22, 2008
Campus VPN Version 1.0 September 22, 2008 University of North Texas 1 9/22/2008 Introduction This is a guide on the different ways to connect to the University of North Texas Campus VPN. There are several
More informationEnterprise Security Critical Standards Summary
Enterprise Security Critical Standards Summary The following is a summary of key points in the Orange County Government Board of County Commissioners (OCGBCC) security standards. It is necessary for vendors
More informationSetting Up Scan to SMB on TaskALFA series MFP s.
Setting Up Scan to SMB on TaskALFA series MFP s. There are three steps necessary to set up a new Scan to SMB function button on the TaskALFA series color MFP. 1. A folder must be created on the PC and
More informationRIAS stands for Remote Installation Assistance Service by NT-ware to remotely assist you on-site and on-demand. RIAS sessions are useful to guide you
RIAS stands for Remote Installation Assistance Service by NT-ware to remotely assist you on-site and on-demand. RIAS sessions are useful to guide you precisely through the installation routines or configuration
More informationSonicwall Reporting Server
Sonicwall Reporting Server How to access the reporting server: Navigate to https://swreports.hitechsupport.com.au, and enter your username and password provided. After you have logged in, click on the
More informationJPMorgan Chase Treasury Workstation. Certification Setup Guide Version 2.0
EMENTS JPMorgan Chase Treasury Workstation Certification Setup Guide Version 2.0 December 2010 TABLE OF CONTENTS Introduction... 1 About this Guide... 1 When to Create the Certificates... 2 Getting Help...
More informationSPAMfighter Mail Gateway
SPAMfighter Mail Gateway User Manual Copyright (c) 2009 SPAMfighter ApS Revised 2009-05-19 1 Table of contents 1. Introduction...3 2. Basic idea...4 2.1 Detect-and-remove...4 2.2 Power-through-simplicity...4
More informationConfiguration Guide. SafeNet Authentication Service. SAS Agent for Microsoft Outlook Web App. Technical Manual Template
SafeNet Authentication Service Configuration Guide Technical Manual Template Release 1.0, PN: 000-000000-000, Rev. A, March 2013, Copyright 2013 SafeNet, Inc. All rights reserved. 1 Document Information
More informationCheck Point Security Administrator R70
Page 1 of 6 Check Point Security Administrator R70 Check Point Security Administration R70 Length Prerequisites 5 days* (recommended) Basic networking knowledge, knowledge of Windows Server and/or UNIX,
More informationBlackShield ID Agent for Remote Web Workplace
Agent for Remote Web Workplace 2010 CRYPTOCard Corp. All rights reserved. http:// www.cryptocard.com Copyright Copyright 2010, CRYPTOCard All Rights Reserved. No part of this publication may be reproduced,
More informationHosted Microsoft Exchange Client Setup & Guide Book
Hosted Microsoft Exchange Client Setup & Guide Book Section 1 Microsoft Outlook Web Access (OWA) access directions Section 2 Windows Mobile Phone ActiveSync setup & configuration Section 3 - Apple iphone
More informationPROTECTING NETWORKS WITH FIREWALLS
83-10-44 DATA SECURITY MANAGEMENT PROTECTING NETWORKS WITH FIREWALLS Gilbert Held INSIDE Connecting to the Internet; Router Packet Filtering; Firewalls; Address Hiding; Proxy Services; Authentication;
More informationMANUFACTURER RamSoft Incorporated 243 College St, Suite 100 Toronto, ON M5T 1R5 CANADA
All Information provided in this document and in the accompanying software is subject to change without notice and does not represent a commitment on the part of RamSoft. RamSoft assumes no responsibility
More informationGetting Started With Halo for Windows
Getting Started With Halo for Windows For CloudPassage Halo Protecting your Windows servers in a public or private cloud is much easier and more secure with CloudPassage Halo for Windows. Halo for Windows
More informationMultiSite Manager. Setup Guide
MultiSite Manager Setup Guide Contents 1. Introduction... 2 How MultiSite Manager works... 2 How MultiSite Manager is implemented... 2 2. MultiSite Manager requirements... 3 Operating System requirements...
More informationEnterprise Security Management CheckPoint SecuRemote VPN v4.0 for pcanywhere
Enterprise Security Management CheckPoint SecuRemote VPN v4.0 for pcanywhere White Paper 7KH#&KDOOHQJH Virtual Private Networks (VPNs) provides a powerful means of protecting the privacy and integrity
More informationRequirements Collax Security Gateway Collax Business Server or Collax Platform Server including Collax SSL VPN module
Collax SSL VPN Howto This howto describes the easy configuration of a Collax server as SSL VPN gateway in order to enable external access to selected applications in the company network. Except for a common
More informationWebEx Security Overview Security Documentation
WebEx Security Overview Security Documentation 8/1/2003: WebEx Communications Inc. WebEx Security Overview WebEx Security Overview Introduction WebEx Communications, Inc. provides real-time communication
More informationChapter 7 Managing Users, Authentication, and Certificates
Chapter 7 Managing Users, Authentication, and Certificates This chapter contains the following sections: Adding Authentication Domains, Groups, and Users Managing Certificates Adding Authentication Domains,
More informationAvalanche Remote Control User Guide. Version 4.1.3
Avalanche Remote Control User Guide Version 4.1.3 ii Copyright 2012 by Wavelink Corporation. All rights reserved. Wavelink Corporation 10808 South River Front Parkway, Suite 200 South Jordan, Utah 84095
More informationEnd User Devices Security Guidance: Apple ios 8
GOV.UK Guidance End User Devices Security Guidance: Apple ios 8 Published Contents 1. Changes since previous guidance 2. Usage scenario 3. Summary of platform security 4. How the platform can best satisfy
More information11.1. Performance Monitoring
11.1. Performance Monitoring Windows Reliability and Performance Monitor combines the functionality of the following tools that were previously only available as stand alone: Performance Logs and Alerts
More informationA brief on Two-Factor Authentication
Application Note A brief on Two-Factor Authentication Summary This document provides a technology brief on two-factor authentication and how it is used on Netgear SSL312, VPN Firewall, and other UTM products.
More informationIntegrated SSL Scanning
Software Version 9.0 Copyright Copyright 1996-2008. Finjan Software Inc. and its affiliates and subsidiaries ( Finjan ). All rights reserved. All text and figures included in this publication are the exclusive
More informationIFS CLOUD UPLINK INSTALLATION GUIDE
IFS CLOUD UPLINK INSTALLATION GUIDE ABSTRACT This guide describes how to install IFS Cloud Uplink. UPLINK VERSION 4.13 PREPARE THE WEB SERVER THAT SERVES IFS EXTENDED SERVER Since the user credentials
More informationIPS Attack Protection Configuration Example
IPS Attack Protection Configuration Example Keywords: IPS Abstract: This document presents a configuration example for the attack protection feature of the IPS devices. Acronyms: Acronym Full spelling
More informationCopyright 2013, 3CX Ltd. http://www.3cx.com E-mail: info@3cx.com
Manual Copyright 2013, 3CX Ltd. http://www.3cx.com E-mail: info@3cx.com Information in this document is subject to change without notice. Companies names and data used in examples herein are fictitious
More informationOverview of CSS SSL. SSL Cryptography Overview CHAPTER
CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet, ensuring secure transactions such as the transmission of credit card numbers
More informationRelease Notes. NCP Secure Entry Mac Client. Major Release 2.01 Build 47 May 2011. 1. New Features and Enhancements. Tip of the Day
NCP Secure Entry Mac Client Major Release 2.01 Build 47 May 2011 1. New Features and Enhancements Tip of the Day A Tip of the Day field for configuration tips and application examples is incorporated in
More informationUsing GhostPorts Two-Factor Authentication
Using GhostPorts Two-Factor Authentication With CloudPassage Halo GhostPorts is a powerful two-factor authentication feature available with the Halo NetSec and Halo Professional subscription plans. GhostPorts
More informationSync Security and Privacy Brief
Introduction Security and privacy are two of the leading issues for users when transferring important files. Keeping data on-premises makes business and IT leaders feel more secure, but comes with technical
More informationBlackShield ID Agent for Terminal Services Web and Remote Desktop Web
Agent for Terminal Services Web and Remote Desktop Web 2010 CRYPTOCard Corp. All rights reserved. http:// www.cryptocard.com Copyright Copyright 2010, CRYPTOCard All Rights Reserved. No part of this publication
More informationGeneral tips for increasing the security of using First Investment Bank's internet banking
General tips for increasing the security of using First Investment Bank's internet banking Dear Clients, First Investment Bank (Fibank, the Bank) provides you with high level of protection and security
More informationMultiSite Manager. Setup Guide
MultiSite Manager Setup Guide Contents 1. Introduction... 2 How MultiSite Manager works... 2 How MultiSite Manager is implemented... 2 2. MultiSite Manager requirements... 3 Operating System requirements...
More informationVersion Highlights. CertainT 100 SSL Accelerator. Version 2.11. International. New hardware and software version. North America
Version Highlights SSL Accelerator Version 2.11 New hardware and software version North America Radware Inc. 575 Corporate Dr. Suite 205 Mahwah, NJ 07430 Tel 888 234 5763 International Radware Ltd. 22
More informationSophos UTM. Remote Access via IPsec. Configuring UTM and Client
Sophos UTM Remote Access via IPsec Configuring UTM and Client Product version: 9.000 Document date: Friday, January 11, 2013 The specifications and information in this document are subject to change without
More informationDell SonicWALL and SecurEnvoy Integration Guide. Authenticating Users Using SecurAccess Server by SecurEnvoy
Dell SonicWALL and SecurEnvoy Integration Guide Authenticating Users Using SecurAccess Server by SecurEnvoy Contact information SecurEnvoy www.securenvoy.com 0845 2600010 Merlin House Brunel Road Theale
More informationMaruleng Local Municipality
Maruleng Local Municipality. 22 November 2011 1 Version Control Version Date Author(s) Details 1.1 23/03/2012 Masilo Modiba New Policy 2 Contents ICT Firewall Policy 1 Version Control.2 1. Introduction.....4
More informationADFS Integration Guidelines
ADFS Integration Guidelines Version 1.6 updated March 13 th 2014 Table of contents About This Guide 3 Requirements 3 Part 1 Configure Marcombox in the ADFS Environment 4 Part 2 Add Relying Party in ADFS
More informationNetwork-Enabled Devices, AOS v.5.x.x. Content and Purpose of This Guide...1 User Management...2 Types of user accounts2
Contents Introduction--1 Content and Purpose of This Guide...........................1 User Management.........................................2 Types of user accounts2 Security--3 Security Features.........................................3
More informationREQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER
NEFSIS TRAINING SERIES Nefsis Dedicated Server version 5.1.0.XXX Requirements and Implementation Guide (Rev 4-10209) REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER Nefsis Training Series
More informationUser's Manual. Intego Remote Management Console User's Manual Page 1
User's Manual Intego Remote Management Console User's Manual Page 1 Intego Remote Management Console for Macintosh 2007 Intego, Inc. All Rights Reserved Intego, Inc. www.intego.com This manual was written
More informationWhat s New in Juniper s IVE Platform Version 5.2. Highlights of this Release. What s New in IVE v5.2
What s New in Juniper s IVE Platform Version 5.2 This application note describes the new features available in Version 5.2 of the IVE platform for all Secure Access SSL VPN products. This document assumes
More informationPortal Administration. Administrator Guide
Portal Administration Administrator Guide Portal Administration Guide Documentation version: 1.0 Legal Notice Legal Notice Copyright 2013 Symantec Corporation. All rights reserved. Symantec, the Symantec
More informationSysPatrol - Server Security Monitor
SysPatrol Server Security Monitor User Manual Version 2.2 Sep 2013 www.flexense.com www.syspatrol.com 1 Product Overview SysPatrol is a server security monitoring solution allowing one to monitor one or
More informationProtecting the Home Network (Firewall)
Protecting the Home Network (Firewall) Basic Tab Setup Tab DHCP Tab Advanced Tab Options Tab Port Forwarding Tab Port Triggers Tab DMZ Host Tab Firewall Tab Event Log Tab Status Tab Software Tab Connection
More informationQuick Connect. Overview. Client Instructions. LabTech
LabTech Quick Connect QUICK CONNECT 1 Overview... 1 Client Instructions... 1 Technician Instructions... 4 VNC... 5 RDP... 6 RAssist (Remote Assistance)... 8 IE (Internet Explorer browser)... 9 CMD... 10
More informationComodo Endpoint Security Manager SME Software Version 2.1
Comodo Endpoint Security Manager SME Software Version 2.1 Quick Start Guide Guide Version 2.1.111114 Comodo Security Solutions 1255 Broad Street Clifton, NJ 07013 Endpoint Security Manager - SME Quick
More informationCourse Title: Penetration Testing: Network Threat Testing, 1st Edition
Course Title: Penetration Testing: Network Threat Testing, 1st Edition Page 1 of 6 Course Description: The Security Analyst Series from EC-Council Press is comprised of five books covering a broad base
More informationKaseya Server Instal ation User Guide June 6, 2008
Kaseya Server Installation User Guide June 6, 2008 About Kaseya Kaseya is a global provider of IT automation software for IT Solution Providers and Public and Private Sector IT organizations. Kaseya's
More informationAccessing the Media General SSL VPN
Launching Applications and Mapping Drives Remote Desktop Outlook Launching Web Applications Full Access VPN Note: To access the Media General VPN, anti-virus software must be installed and running on your
More informationContent Filtering Client Policy & Reporting Administrator s Guide
Content Filtering Client Policy & Reporting Administrator s Guide Notes, Cautions, and Warnings NOTE: A NOTE indicates important information that helps you make better use of your system. CAUTION: A CAUTION
More informationSecureClient Central Installation Guide. September 2014
SecureClient Central Installation Guide September 2014 September 2014 3 of 12 Table of contents 1. About this guide... 5 2. System requirements... 6 3. Installation... 7 4. Software upgrades... 12 Appendix
More informationH3C SSL VPN RADIUS Authentication Configuration Example
H3C SSL VPN RADIUS Authentication Configuration Example Copyright 2012 Hangzhou H3C Technologies Co., Ltd. All rights reserved. No part of this manual may be reproduced or transmitted in any form or by
More informationEnsuring the security of your mobile business intelligence
IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive
More informationAstaro Security Gateway V8. Remote Access via L2TP over IPSec Configuring ASG and Client
Astaro Security Gateway V8 Remote Access via L2TP over IPSec Configuring ASG and Client 1. Introduction This guide contains complementary information on the Administration Guide and the Online Help. If
More informationContents Notice to Users
Web Remote Access Contents Web Remote Access Overview... 1 Setting Up Web Remote Access... 2 Editing Web Remote Access Settings... 5 Web Remote Access Log... 7 Accessing Your Home Network Using Web Remote
More informationOPC UA vs OPC Classic
OPC UA vs OPC Classic By Paul Hunkar Security and Communication comparison In the world of automation security has become a major source of discussion and an important part of most systems. The OPC Foundation
More information