2 Introduction Security and privacy are two of the leading issues for users when transferring important files. Keeping data on-premises makes business and IT leaders feel more secure, but comes with technical challenges when there is a need to share data externally. If your employees can t easily use your secure tools, they ll resort to less secure options. BitTorrent Sync offers the ability to sync files securely and privately, by replicating data only directly between trusted devices and keeping data encrypted in transit. This means that BitTorrent neither hosts nor caches any content - there s no way for us (even if we wanted to) to view, modify, or remove data. All control rests within your devices (and those of others you choose to share with). This brief explains the security and privacy attributes and features of BitTorrent Sync. Our product and engineering team is led by folks from Decru (NetApp), EMC, ZoneLabs and Check Point: security and managing data is in our DNA.
3 Files move directly between peers - no data lives in the cloud Instead of uploading files to cloud storage so other devices can download them, Sync establishes a direct connection between your devices (peers), allowing data to exist at rest exclusively on private infrastructure. By default, Sync will try to do this using multiple methods (defined later). One of them is the Tracker Server, which allows peers to find each other over the Internet or between subnets on the LAN that block multicast. If peers cannot establish a direct connection between themselves (like when devices are behind a symmetric NAT), the Relay Server is used. Sync is very successful at establishing a direct connection, with more than 97% of all data transferred is directly from peer-to-peer. In the event that the Relay Server is used, only 128-bit AES encrypted pieces flow through it. These pieces are never stored at rest and the encryption keys are only possessed by the peers connected to the folder. Sync is a fully distributed system all data remains private Sync keeps ALL your data (files, metadata, user information) private because it s a fully distributed system. Instead of the control functionality living in the cloud, it s handled by the peers themselves. No information about you, your devices, or where your files are going is stored on any BitTorrent server. Each peer learns information like what to send/receive by interacting with other peers and information like access control and licensing is synchronized between peers. 3
4 There are no passwords to be compromised all security is cryptographic Sync s security model is cryptographic instead of password-based. Cryptographic verification is required for peer introduction, and data access. All data is further encrypted in transit. Because of this there is no need to worry about insecure passwords, changing passwords or users writing passwords on post-it notes so they don t forget. Sync offers two security models for folders: Standard and Advanced. The Standard one is appropriate for device-based permissions while the Advanced one is good for user-based permissions. Device-based permissions - Standard folders With these folders, each folder is associated with a few symmetric keys. When a folder is initially added to Sync a read/write (RW) key is created. Using a cryptographic hash function we derive a read-only (RO) key and a Folder ID. Having the RW key allows peers to modify the folder. Peers with RO key are cryptographically prevented from making any modifications to content on remote peers. The Folder ID is only used to locate peers that are connected to this folder and cannot be used to access the content. This model is ideal for syncing content between devices. It provides for fast initial connection and better overall transfer speed. It is also very easy to connect additional devices to such folders. User-based permissions - Advanced folders With these folders, each user has a unique identity and a private/public key pair is associated with this it. Each folder is associated with a unique X.509 certificate and a certificate authority (CA). This enables Sync to ensure that all operations such as transferring files, sharing folders, revoking access to folders, etc. are executed in a secure way. The Security model of Sync is designed in a way that 4
5 allows every peer to validate the permissions of another peer and all changes that were made. All this can be done in a fully distributed way with no need for a centralized authority. Owner shares folder Details receiver sees 5
6 Details owner sees This is the process by which certificates are created, signed, synced, and modified: When a folder is added to Sync, a primary root certificate (separate certificate authority) is created for the folder and is signed by the user who added the folder. When a user requests access to a folder, they send their public key to the owner. If approved, the owner generates a certificate for the requesting user and signs it with their private key. The user s permission level (read only, read and write, or owner) is specified inside the certificate. When access to the folder changes (new user, permissions change, disconnecting user), the owner creates a new certificate, signs it, and distributes it to all peers connected to the folder. If another user is granted owner permissions, a second root certificate is created and signed by the first root certificate, allowing them to create certificates for the folder. Each peer connected to the folder contains all certificates for the folder, allowing them to authenticate peers to send or receive files directly. 6
7 Files are always encrypted in transit Before any data is transferred from one peer to another, it is encrypted and signed. This ensures it cannot be read or modified by others while in transit over insecure networks. Sync establishes an SSL connection between any two peers and then the data is AES 128-bit encrypted before it leaves the device. After the data is received by the other peer, it is decrypted. Only the peers connected to the folders have the keys. Encryption is turned on by default but we give users the option to turn it off for LAN transfers. For Sync...AES-128 is better 40% faster than AES-256 Differences between 128 and 256 bit are considered minimal by experts Estimated to take a supercomputer 1 billion years to decipher Forward secrecy is guaranteed by Sync communication layer Forward secrecy means that if a session key is compromised it does not compromise past session keys. Forward secrecy protects past sessions against future compromises of secret keys. Encrypted communications recorded in the past cannot be retrieved and decrypted should session keys be compromised in the future. 7
8 Insecure, but easy-to-use, tools can be used to securely share files When sharing a folder of files with another person, it s often easiest to just send them an or copy a link into a text message. While these methods of communication are not always secure, Sync can use them to securely and privately share files. When sharing a folder using a clickable link, the user has these options to control who has access to it and what type of access they have: Permission level Read Only - can sync all contents of the folder to their devices; if they make changes to the folder, they will not be synced to any peers Read & Write - can sync all contents of the folder to their devices; if they make changes to the folder, they will be synced to all peers Owner - has read & write permissions; can also share the folder with others, change the permission level of users connected to the folder, and disconnect users from the folder; owners do have the ability to change 8
9 the permissions of other owners (the Owner property is only available for Advanced Folders)When you add a folder to Sync, you are given owner permissions. When you add a folder to Sync, you are given owner permissions. When sharing with a link, you can create different links with a different permissions level. After the user clicks the link, you can also change their permission before approving their connection. 2. Connection approval options Approve new peers - users need to be approved if you have not approved them to connect to another folder (untrusted peer); this option speeds up the sharing process by auto-approving connection requests from known users (only available for Advanced Folders) Approve all peers - all users requesting to connect to the folder need to be approved No approval - all users are auto-approved to connect to the folder If you are sharing something you intend to remain private, keep one of the approval options on to ensure only people you desire have access to the folder. When a user clicks the link, this is what the owner and requester will see: Owner Requestor 9
10 If approval is required to connect, the owner will be able to validate information about the user requesting connection: The owner can communicate with the requester to validate the fingerprint of their certificate to guarantee they are who they are. 3. Link expiration by time Link expires in x days - after clicking the or Copy button, the link will be active for the number of days set Link does not expire by time - the link will never expire based on elapsed time 4. Link expiration by usage Link expires after x uses - the link can only be used to connect to the folder x number of times before it expires Link does not expire by usage - the link can be used any number of times 10
11 If you need to share a folder with 4 people, you could set the link expiration usage to 4, which would prevent a 5th person from connecting using that link. If a user clicks on an expired link, they will see this error message: When the receiver clicks the link, this is what happens: If Sync is not installed locally, it presents the user with a download page. If Sync is installed, the web page converts the link from to btsync://... which calls on the local application. Sync uses the temporary key from the link to find the folder owner and sends a request for access. The requestor s public key is sent to the owner. The folder owner receives the request and is asked to approve or deny it. This request shows the requestor s user name, IP address of the device that clicked the link, and public key fingerprint. By comparing the public key fingerprint, the folder owner can make sure that the requester is who they are before giving them access to the folder. Once the approval is granted, the folder owner generates and signs an X.509 certificate for the requester and syncs it with all peers of the folder. This certificate allows the user to access the folder with the designated permissions level. There is no way for requester to get this certificate before all the steps above are successfully completed. The new certificate is synchronized to all peers connected to the folder, which allows the new user to securely connect to any folder peer. Once connections between peers are established, files transfers begin. 11
12 Note: The https link can also be pasted into the Manual Connection field, bypassing the link translation web page. Our servers don t see the user-specific part of the sharing link All the user-specific information is placed after the # sign, which means none of it is sent from the browser to the BitTorrent server. The information after the # sign is only available locally. Here is a sample link: OMKX4HDG76FNYDEES6QZ H2TGBDFOZTMI7KTCAZJZA&i=CW5PDKTB X46UOQTN5THZQI2H5VZHJUK2Q&e= &v=2.0 This is converted this link by replacing everything before # to btsync://: btsync://f=syncfolder&sz=1e10&t=2&s=syqgcgxjed7omkx4hdg76f NYDEES6QZH2TGBDFOZTMI7KTCAZJZA&i=CW5PDKTBX46UOQTN5THZ QI2H5VZHJUK2Q&e= &v=2.0 These are the components of a link to a folder, which is all that s required to start syncing data once access is granted: btsync://f=<folder name><folder metadata><hashes><expiration time><product metadata> Folder name - (f=) name of the folder on the owner s device Folder metadata - (sz=) approximate size of the folder; (t=) type of folder link ( Classic folder t=1, Sync 2.0 or later t=2) Hashes - (s=) folder ID in base32 encoding; (i=) temporary key used to connect with the folder owner Expiration time - (e=) link expiration time in Unix time format Product metadata - (v=) Version of Sync application which created the link 12
13 Folder permissions are controlled by owners and synchronized to all connected peers When the owner granted initial access to the folder, the X.509 certificate was synchronized across all peers connected to the folder. Even after initially sharing the folder with another user, owners have authority to change the user s (and other owners) folder permissions. When permissions change (read only, read and write, or disconnected), a new certificate is generated and synced to all the peers. This ensures that the user cannot get the files from any other peer connected to the folder. Certificates are not deleted, so there is a history of how access to the folder has changed over time. This also allows owners to be able to reconnect users that have been disconnected. Note: this only applies to Advanced Folders 13
14 Each device has control over how it communicates and services can be limited to increase privacy Sync uses various methods to establish connections between peers and transfer data. On a folder-by-folder basis, options can be enabled/disabled to control how Sync communicates. These options are: Use relay server when required By default, Sync does its best to establish a direct a connection between peers to achieve maximum speed. However, if a direct connection is not possible, for whatever reason (sophisticated NATs, firewalls, proxy servers, etc.), this option will allow Sync to establish a connection via a relay server hosted by BitTorrent, Inc. and transfer data without a direct connection. This option is on by default. If your device is connected to another device via the relay server, an icon noting this will appear in the peers list. The relay server maintains full user privacy because: No user data lives at rest on, or is cached by, the relay server. Only encrypted data flows through the relay server. 14
15 Use tracker server BitTorrent, Inc. hosts tracker servers for Sync to help peers to find out each other s IP address in order to establish a direct connection. Each peers sends this data to the tracker server: Folder ID (large random-generated number) Peer ID (large random-generated number) IP address (private address used by device) Each peer of each folder learns the IP addresses of the other peers and attempts to contact them to establish a connection. This option is on by default. Search LAN Allows Sync to search your local network for other instances of Sync connected to the folder. Using multicast, this information is sent on the local network: Folder ID (large random-generated number) Peer ID (large random-generated number) LAN listening port This option is on by default. If you choose to disable this option, either make sure that the use of tracker server is allowed or predefined hosts are configured. Use predefined hosts Addresses of devices can be specified for this peer to communicate with to sync this folder. IP address and port number pairs can be specified. 15
16 This feature is useful in high-security networks where LAN search over multicast and contacting Tracker server is impossible or prohibited. Ports To understand which network ports Sync uses to communicate, please refer to this article: 16
17 Statistical information from Sync is sent in the clear so you know what BitTorrent s gathering BitTorrent does collect statistics from the Sync application. These statistics help us improve the product. Here is a list of the statistics we collect: Amount of data directly transferred with peers Amount of data transferred with peers by relay server Tracker packets, pings, and files received by client Add folder errors IP addresses seen by the tracker server Client operating system type and version Sync version Number of folders & files being tracked by Sync Current total size of folders added in Sync Language preference set Application install event Campaign code (installed from website, promotion page, etc.) Number of share links generated Number of share links accepted Number of share links failed Number of peers the engine is connected to 17
18 In Conclusion Ultimately, the security of any file storage, syncing, and sharing solution is in the hands of the user or administrator. With most solutions, unauthorized access to files must be prevented using encryption, secure passwords, a robust firewall configuration, etc. The architecture of Sync provides an unprecedented level of security and privacy with almost no user setup required. Data can not be hacked, as there is no password to find, no person to exploit, and no server to attack. Sync is the most secure and easy to setup file syncing solution that you can use to share data quickly and efficiently to any person or device. 18
19 Glossary Peer A unique, logical device that is connected to a folder. Your laptop, phone, or virtual machine are all peers. Peers are often referred to as devices. User Unique identity of a person. A user can have multiple devices (or peers) linked to it. When linked, these devices will have the same user identity. AES-128 Advanced Encryption Standard (AES), a Federal Information Processing Standard (FIPS), is an approved cryptographic algorithm that can be used to protect electronic data. The AES algorithm is a block cipher that can encrypt and decrypt digital information. The AES algorithm is capable of using cryptographic keys of 128, 192, and 256 bits. Cryptographic Cryptographic protocols are widely used for secure application-level data transport. A cryptographic protocol usually incorporates at least some of these aspects: Key agreement or establishment Entity authentication Symmetric encryption and message authentication material construction Secured application-level data transport Non-repudiation methods Secret sharing methods Secure multi-party computation 19
20 DHT (distributed hash table) Is a class of a decentralized distributed system that provides a lookup service similar to a hash table. DHTs form an infrastructure that can be used to build more complex services, such as anycast, cooperative Web caching, distributed file systems, domain name services, instant messaging, multicast, and also peer-topeer file sharing and content distribution systems. Multicast Multicast is a one-to-many or many-to-many distribution, and is a group communication where information is addressed to a group of destination computers over a network simultaneously. PKI (Public Key Infrastructure) A PKI is a set of hardware, software, people, policies, and procedures needed to create, manage, distribute, use, store, and revoke digital certificates, and manage public-key encryption. SSL (Secure Sockets Layer) SSL is a security protocol and is a standard security technology for establishing an encrypted link between a server and a client typically a web server (website) and a browser; or a mail server and a mail client. It allows sensitive information such as credit card numbers, social security numbers, and login credentials to be transmitted securely. Normally, data sent between browsers and web servers is sent in plain text leaving you vulnerable to eavesdropping. If an attacker is able to intercept all data being sent between a browser and a web server they can see and use that information. X.509 certificate An X.509 certificate is a digital certificate that uses the widely accepted international X.509 public key infrastructure standard to verify that a public key belongs to the user, computer or service identity contained within the certificate. 20
21 v1.0 July BitTorrent Inc. Sync is a trademark of BitTorrent, Inc.
Contents Introduction--1 Content and Purpose of This Guide...........................1 User Management.........................................2 Types of user accounts2 Security--3 Security Features.........................................3
Security Architecture Whitepaper 2015 by Network2Share Pty Ltd. All rights reserved. 1 Table of Contents CloudFileSync Security 1 Introduction 1 Data Security 2 Local Encryption - Data on the local computer
Bit Chat: A Peer-to-Peer Instant Messenger Shreyas Zare email@example.com https://technitium.com December 20, 2015 Abstract. Bit Chat is a peer-to-peer instant messaging concept, allowing one-to-one
is currently used by many large organizations including banks, health care organizations, educational institutions and government agencies. Thousands of organizations rely on File- Cloud for their file
BlackBerry Enterprise Service 10 Secure Work Space for ios and Android Version: 10.1.1 Security Note Published: 2013-06-21 SWD-20130621110651069 Contents 1 About this guide...4 2 What is BlackBerry Enterprise
Internet Security Cornerstones of Security Authenticity the sender (either client or server) of a message is who he, she or it claims to be Privacy the contents of a message are secret and only known to
VPN Configuration Guide Dell SonicWALL 2013 equinux AG and equinux USA, Inc. All rights reserved. Under copyright law, this manual may not be copied, in whole or in part, without the written consent of
April 2007 About RemotelyAnywhere... 2 About RemotelyAnywhere... 2 About this Guide... 2 Installation of RemotelyAnywhere... 2 Software Activation...3 Accessing RemotelyAnywhere... 4 About Dynamic IP Addresses...
E-Commerce Security An e-commerce security system has four fronts: LECTURE 7 (SECURITY) Web Client Security Data Transport Security Web Server Security Operating System Security A safe e-commerce system
NEXSAN TRANSPORTER PRODUCT SECURITY AN IN-DEPTH REVIEW INTRODUCTION As businesses adopt new technologies that touch or leverage critical company data, maintaining the highest level of security is their
Using etoken for SSL Web Authentication Lesson 12 April 2004 etoken Certification Course SSL V3.0 Overview Secure Sockets Layer protocol, version 3.0 Provides communication privacy over the internet. Prevents
Chapter 17 Transport-Level Security Web Security Considerations The World Wide Web is fundamentally a client/server application running over the Internet and TCP/IP intranets The following characteristics
Certificate Management PAN-OS Administrator s Guide Version 7.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 www.paloaltonetworks.com/company/contact-us
F A C T S H E E T GoToMyPC Corporate Advanced Firewall Support Features Citrix GoToMyPC Corporate features Citrix Online s advanced connectivity technology. We support all of the common firewall and proxy
SSL You re FREE Guide to (Secure Sockets Layer) What is a Digital Certificate? SSL Certificates, also known as public key certificates or Digital Certificates, are essential to secure Internet browsing.
Configuring Security Features of Session Recording Summary This article provides information about the security features of Citrix Session Recording and outlines the process of configuring Session Recording
Client Server Registration Protocol The Client-Server protocol involves these following steps: 1. Login 2. Discovery phase User (Alice or Bob) has K s Server (S) has hash[pw A ].The passwords hashes are
Configuring on Citrix and Terminal Services Servers Document Scope This solutions document describes how to install, configure, and use the SonicWALL Terminal Services Agent (TSA) on a multi-user server,
WS_FTP Professional 12 Security Guide Contents CHAPTER 1 Secure File Transfer Selecting a Secure Transfer Method... 1 About SSL... 2 About SSH... 2 About OpenPGP... 2 Using FIPS 140-2 Validated Cryptography...
White Paper Data Collection and Analysis: Get End-to-End Security with Cisco Connected Analytics for Network Deployment Cisco Connected Analytics for Network Deployment (CAND) is Cisco hosted, subscription-based
Content Teaching Academy at James Madison University 1 2 The Battle Field: Computers, LANs & Internetworks 3 Definitions Computer Security - generic name for the collection of tools designed to protect
The Security Behind Sticky Password Technical White Paper version 3, September 16th, 2015 Executive Summary When it comes to password management tools, concerns over secure data storage of passwords and
How encryption works to provide confidentiality. How hashing works to provide integrity. How digital signatures work to provide authenticity and non-repudiation. How to obtain a digital certificate. Installing
Is your data safe out there? -A white Paper on Online Security Introduction: People should be concerned of sending critical data over the internet, because the internet is a whole new world that connects
SOOKASA WHITEPAPER SECURITY SOOKASA.COM Sookasa Overview Sookasa was founded in 2012 by a team of leading security experts. The company s patented file-level encryption enables enterprises to protect data
Securing your Microsoft Internet Information Services (MS IIS) Web Server with a thawte Digital Certificate A STEP-BY-STEP GUIDE to test, install and use a thawte Digital Certificate on your MS IIS Web
Contents 1 Overview 2 System Architecture 3 Network Settings 4 Security Configurations 5 Data Privacy and Security Measures 6 Security Recommendations Overview This white paper provides information about
Secure Data Transfer INSTRUCTIONS 3 Options to SECURELY TRANSMIT DATA 1. FTP 2. WinZip 3. Password Protection Version 2.0 Page 1 Table of Contents Acronyms & Abbreviations...1 Option 1: File Transfer Protocol
Why you need secure email WHITE PAPER CONTENTS 1. Executive summary 2. How email works 3. Security threats to your email communications 4. Symmetric and asymmetric encryption 5. Securing your email with
Security Guide BlackBerry Enterprise Service 12 for ios, Android, and Windows Phone Version 12.0 Published: 2015-02-06 SWD-20150206130210406 Contents About this guide... 6 What is BES12?... 7 Key features
2014 LBSEC http://www.liveboxcloud.com LiveBox Srl does not release declarations or guarantee regarding this documentation and its use and declines any expressed or implied commercial or suitability guarantee
Xerox DocuShare Security Features Security White Paper Xerox DocuShare Security Features Businesses are increasingly concerned with protecting the security of their networks. Any application added to a
Websense Content Gateway HTTPS Configuration web security data security email security Support Webinars 2010 Websense, Inc. All rights reserved. Webinar Presenter Title: Sr. Tech Support Specialist Cisco
Securing your Online Data Transfer with SSL A GUIDE TO UNDERSTANDING SSL CERTIFICATES, how they operate and their application 1. Overview 2. What is SSL? 3. How to tell if a Website is Secure 4. What does
System i Security Digital Certificate Manager Version 5 Release 4 System i Security Digital Certificate Manager Version 5 Release 4 Note Before using this information and the product it supports, be sure
Enabling SSL and Client Certificates on the SAP J2EE Engine Angel Dichev RIG, SAP Labs SAP AG 1 Learning Objectives As a result of this session, you will be able to: Understand the different SAP J2EE Engine
Wireless Security: Secure and Public Networks Kory Kirk Villanova University Computer Science firstname.lastname@example.org www.korykirk.com/ Abstract Due to the increasing amount of wireless access points that
Credit Card Security Created 16 Apr 2014 Revised 16 Apr 2014 Reviewed 16 Apr 2014 Purpose This policy is intended to ensure customer personal information, particularly credit card information and primary
Savitribai Phule Pune University Centre for Information and Network Security Course: Introduction to Cyber Security / Information Security Module : Pre-requisites in Information and Network Security Chapter
NovaBACKUP Storage Server NovaStor / May 2011 2011 NovaStor, all rights reserved. All trademarks are the property of their respective owners. Features and specifications are subject to change without notice.
Astaro Security Gateway V8 Remote Access via SSL Configuring ASG and Client 1. Introduction This guide contains complementary information on the Administration Guide and the Online Help. If you are not
TECHNICAL SPECIFICATIONS CrashPlan Security CrashPlan is a continuous, multi-destination solution engineered to back up mission-critical data whenever and wherever it is created. Because mobile laptops
White Paper Enterprise File Serving 2.0 Anywhere, Any Device File Access with IT in Control Like it or not, cloud- based file sharing services have opened up a new world of mobile file access and collaborative
HP ProtectTools Embedded Security Guide Document Part Number: 364876-001 May 2004 This guide provides instructions for using the software that allows you to configure settings for the HP ProtectTools Embedded
Software Defined Perimeter Working Group SDP Hackathon Whitepaper April 2014 2014 Cloud Security Alliance All Rights Reserved. All rights reserved. You may download, store, display on your computer, view,
AircastDB Server A networked AircastDB setup involves two types of servers: An SQL server (PostgreSQL, MSSQL) to hold the metadata for the audio files and scheduling information (library, playlists) One
TLS and SRTP for Skype Connect Technical Datasheet Copyright Skype Limited 2011 Introducing TLS and SRTP Protocols help protect enterprise communications Skype Connect now provides Transport Layer Security
WS_FTP Professional 12 Security Guide Contents CHAPTER 1 Secure File Transfer Selecting a Secure Transfer Method... 1 About SSL... 1 About SSH... 2 About OpenPGP... 2 Using FIPS 140-2 Validated Cryptography...
Decryption Palo Alto Networks PAN-OS Administrator s Guide Version 6.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 www.paloaltonetworks.com/company/contact-us
Manual for Mac OS X Content 1. Scope of Service... 3 1.1 About Boxcryptor Classic... 3 1.2 About this manual... 4 2. Installation... 5 2.1 Installing Boxcryptor Classic... 5 2.2 Licensing Boxcryptor Classic
RFG Secure FTP Web Interface Step 1: Getting to the Secure FTP Web Interface: Open your preferred web browser and type the following address: http://ftp.raddon.com After you hit enter, you will be taken
Information Security Dr. Vedat Coşkun Malardalen September 15th, 2009 08:00 10:00 email@example.com www.isikun.edu.tr/~vedatcoskun What needs to be secured? With the rapid advances in networked
Computer System Management: Hosting Servers, Miscellaneous Amarjeet Singh October 22, 2012 Partly adopted from Computer System Management Slides by Navpreet Singh Logistics Any doubts on project/hypo explanation
Certificate Management Palo Alto Networks PAN-OS Administrator s Guide Version 6.0 Contact Information Corporate Headquarters: Palo Alto Networks 4401 Great America Parkway Santa Clara, CA 95054 www.paloaltonetworks.com/company/contact-us
CHAPTER 1 Note The information in this chapter applies to both the ACE module and the ACE appliance unless otherwise noted. The features in this chapter apply to IPv4 and IPv6 unless otherwise noted. Secure
Secure Socket Layer Secure Socket Layer Introduction Overview of SSL What SSL is Useful For Introduction Secure Socket Layer (SSL) Industry-standard method for protecting web communications. - Data encryption
PRIVACY, SECURITY AND THE VOLLY SERVICE Delight Delivered by EXECUTIVE SUMMARY The Volly secure digital delivery service from Pitney Bowes is a closed, secure, end-to-end system that consolidates and delivers
Connection Setup Process makes a REST call using the user s access key to chooses a repeater for establishing a secure connection for Local Testing. The repeater exists within the BrowserStack cloud infrastructure.
User Guide CTERA Agent for Mac OS-X June 2014 Version 4.1 Copyright 2009-2014 CTERA Networks Ltd. All rights reserved. No part of this document may be reproduced in any form or by any means without written
2 Privacy Internet Privacy Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 19 June 2014 Common/Reports/internet-privacy-options.tex, r892 1 Privacy Acronyms
MaaS360 Mobile Enterprise Gateway Administrator Guide Copyright 2014 Fiberlink, an IBM Company. All rights reserved. Information in this document is subject to change without notice. The software described
The Case For Secure Email By Erik Kangas, PhD, President, Lux Scientiae, Incorporated http://luxsci.com Contents Section 1: Introduction Section 2: How Email Works Section 3: Security Threats to Your Email
Chapter 7 Managing Users, Authentication, and Certificates This chapter contains the following sections: Adding Authentication Domains, Groups, and Users Managing Certificates Adding Authentication Domains,
Cryptelo Drive Cryptelo Drive is a virtual drive, where your most sensitive data can be stored. Protect documents, contracts, business know-how, or photographs - in short, anything that must be kept safe.
1. Introduction... 2 2. Remote Access via SSL... 2 2.1. Configuration of the Astaro Security Gateway... 3 2.2. Configuration of the Remote Client...10 2.2.1. Astaro User Portal: Getting Software and Certificates...10
Qsync Qsync is a cloud based file synchronization service empowered by QNAP Turbo NAS. Simply add files to your local Qsync folder, and they will be available on your Turbo NAS and all its connected devices.
Brazosport College VPN Connection Installation and Setup Instructions Draft 2 March 24, 2005 Introduction This is an initial draft of these instructions. These instructions have been tested by the IT department
Configuring DoD PKI This document describes the procedures to configure an XML Firewall that is interoperable with the United Stated Department of Defense (DoD) Public Key Infrastructure (PKI). High-level
M86 Web Filter USER GUIDE for M86 Mobile Security Client Software Version: 5.0.00 Document Version: 02.01.12 M86 WEB FILTER USER GUIDE FOR M86 MOBILE SECURITY CLIENT 2012 M86 Security All rights reserved.
Try it now: We have setup a Sync folder in the BitTorrent office that contains 1.1GB of BitTorrent Featured Content. You are welcome to sync with it by using the following secret key: RWC4YD3S723QRVHHHIZWJXPTQMO6GKEQR
Introduction to Mobile Access Gateway Installation This document describes the installation process for the Mobile Access Gateway (MAG), which is an enterprise integration component that provides a secure
Configuring Global Protect SSL VPN with a user-defined port Version 1.0 PAN-OS 5.0.1 Johan Loos firstname.lastname@example.org Global Protect SSL VPN Overview This document gives you an overview on how to configure
Application Note A brief on Two-Factor Authentication Summary This document provides a technology brief on two-factor authentication and how it is used on Netgear SSL312, VPN Firewall, and other UTM products.
WS_FTP Professional 12 Security Guide Contents CHAPTER 1 Secure File Transfer Selecting a Secure Transfer Method...1 About SSL...1 About SSH...2 About OpenPGP...2 Using FIPS 140-2 Validated Cryptography...2
VPN Client Overview UMDNJ s Web based VPN utilizes an SSL (Secure Socket Layer) Based Cisco Application that provides VPN functionality without having to install a full client for end users running Microsoft
ReadyNAS Replicate Software Reference Manual 350 East Plumeria Drive San Jose, CA 95134 USA November 2010 202-10727-01 v1.0 2010 NETGEAR, Inc. All rights reserved. No part of this publication may be reproduced,
Preparing for GO!Enterprise MDM On-Demand Service This guide provides information on...... An overview of GO!Enterprise MDM... Preparing your environment for GO!Enterprise MDM On-Demand... Firewall rules