Architecture Statement


Secure, cloud-based workflow, alert, and notification platform built on top of Amazon Web Services (AWS)

© 2016 Primex Wireless, Inc. The Primex logo is a registered trademark of Primex Wireless, Inc. OneVue is a trademark of Primex Wireless, Inc. All other trademarks are the property of their respective owners. All Rights Reserved.

Version 05.23.16

Primex Wireless OneVue Architecture

OneVue is a multi-tenant solution built on top of Amazon Web Services (AWS). AWS is designed with multiple layers of protection, including secure data transfer, encryption, network configuration, and application-level controls distributed across a scalable, secure infrastructure. AWS provides a scalable architecture with security capabilities while lowering the application life-cycle costs and total cost of ownership for the OneVue capabilities.

OneVue Application Architecture

Application Development Language - Public and private service layers are constructed with Ruby on Rails. The front-end experience is developed with a responsive design through HTML5 and JavaScript.

Operating System - CoreOS and CentOS

Database Architecture - PostgreSQL (AWS RDS), DynamoDB, and Redis (AWS ElastiCache)

[Figure: OneVue Technology Stack]

OneVue Security Architecture

The security architecture of OneVue is multi-layered, operating through the Amazon Web Services (AWS) security infrastructure. AWS achieved ISO 27001 certification and is validated as a Level 1 service provider under the Payment Card Industry (PCI) Data Security Standard (DSS). AWS provides a secure infrastructure, including physical security, employee life-cycle management, and regular, third-party audits. The adoption of AWS by Homeland Security, NASA, and the Central Intelligence Agency demonstrates the high level of security AWS provides in its architecture. Primex leverages the secure architecture of AWS to provide a cost-effective solution that encompasses the high-security needs of our customers.

AWS Identity and Access Management (IAM) with Multi-Factor Authentication - Controls and manages user credentials, including passwords, access keys, and permissions policies. IAM allows for the central management of all users, allowing Primex to control user access to individual records and services. Primex adds to this multi-factor security by controlling and managing, through IAM, the Primex resources granted access to the OneVue development and production environments. This provides complete security and ensures that Primex can not only control the security of customer information, but also audit and manage the access of Primex development, engineering, and support resources.

AWS Virtual Private Cloud (VPC) - Provides the separation of OneVue customer instances. Primex uses the AWS VPC services to provide separation of data and services between environments. Additionally, Primex uses the VPC service to secure all connectivity for development, training, and technical support functions.

Encrypted Data Storage - Secures data throughout the record lifecycle. OneVue only accepts SSL-encrypted connections from clients and from reporting sensor and clock devices. Additionally, data is encrypted and maintained securely in storage with all of the AWS data services.

OneVue Architecture - Amazon Web Services (AWS)

OneVue is comprised of the following Amazon Web Services (AWS).

Database

DynamoDB - Predictable and Scalable NoSQL Data Store
Primex uses DynamoDB to store large data sets, such as sensor readings. DynamoDB is designed by AWS for zero administration, low latency, and unlimited throughput, making it the perfect selection as a service to provide OneVue sensor reading and logged reading functions.

ElastiCache - In-Memory Cache
Primex uses ElastiCache to store user sessions and cache data. ElastiCache provides automatic failure detection and recovery, detailed monitoring and metrics, and push-button scaling.

Relational Database Service (RDS) - Managed Petabyte-Scale Data Warehouse
Primex uses RDS to run the relational databases for OneVue; Amazon manages all backups and maintenance. AWS designed RDS for ease of deployment and efficient host replacement in a big-data environment.

Storage & Cloud Delivery Network (CDN)

Simple Storage Service (S3) - Scalable Storage in the Cloud
Primex uses S3 to store backups, user profile images, and reports. Files are backed up and readily available to users. The S3 service is designed for durability and resilience, ensuring data is never lost or at risk.

Compute & Networking

Elastic Compute Cloud (EC2) - Virtual Servers in the Cloud
Primex leverages EC2 to reduce the time required to obtain and boot new server instances down to minutes, allowing the Primex engineering team to quickly scale capacity, both up and down, as computing requirements change.

Virtual Private Cloud (VPC) - Virtual Secure Network
Primex uses VPC to separate each service that makes up OneVue. This secures the EC2 servers for each part of OneVue to ensure they can only communicate with the servers needed.

Elastic Load Balancing (ELB) - Load Balancing Service
Primex uses ELB to automatically distribute incoming traffic between multiple Elastic Compute Cloud (EC2) instances.

Auto Scaling Groups (ASG) - Automatically Scale Up and Down
Primex uses ASG to maintain application availability and scale the Amazon EC2 capacity up or down automatically.

Route 53 - Scalable Domain Name System
Primex uses Route 53 to manage all DNS settings for OneVue. This allows Primex to change DNS settings as needed to spread the load across servers or direct traffic to new servers when deploying new versions of OneVue.

Deployment & Management

CloudFormation - Template AWS Resource Creation
Primex uses CloudFormation to manage all of the resources used for OneVue, allowing Primex to spin up new environments as needed. In the event of a major outage of AWS, OneVue can quickly be moved to a new region of AWS.

CloudWatch - Resource and Application Monitoring
Primex uses CloudWatch to monitor servers and trigger ASG to scale servers based on load.

Identity and Access Management (IAM) - Secure AWS Access Control
Primex uses IAM to control access to all of the OneVue services. Each user is required to use Multi-Factor Authentication to log in. Primex uses IAM Roles to restrict each EC2 server's access to resources, including the S3, SQS, RDS, and DynamoDB resources.

App Services

SES - Email Sending Service
All email traffic sent from OneVue uses SES.

SQS - Message Queue Service
Primex uses SQS for guaranteed message delivery between the services that make up OneVue. For example, when a text message or voice call needs to be sent out, the requests are sent into a queue before they are forwarded on to Twilio.

SWF - Coordinating App Components
Primex builds, runs, and scales background jobs that have parallel or sequential steps, allowing for a fully-managed state tracker and task coordinator in the Cloud. For example, SWF is used to manage the background processes of OneVue. The timers are used to control when email, text, or voice alert messages are sent out and escalated.
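The IAM Roles item above says each EC2 server's access to the S3, SQS, RDS, and DynamoDB resources is restricted. One way to review such a role policy for grants broader than that, as an added example (not Primex's or AWS's code): the sample policy, bucket name, and account ID are constructed, and the function name lint_role_policy is hypothetical.

```python
import json

# Services the page says each EC2 role is restricted to.
SCOPED_SERVICES = {"s3", "sqs", "rds", "dynamodb"}

def _as_list(value):
    """Action, Resource and Statement may each be one item or a list."""
    if value is None:
        return []
    return list(value) if isinstance(value, list) else [value]

def lint_role_policy(policy):
    """Return (sid, message) findings for over-broad Allow statements."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement"))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access
        sid = stmt.get("Sid", f"statement[{i}]")
        if "NotAction" in stmt or "NotResource" in stmt:
            findings.append((sid, "NotAction/NotResource allows everything not listed"))
        actions = [a.lower() for a in _as_list(stmt.get("Action"))]
        services = {a.partition(":")[0] for a in actions}
        for a in actions:
            if a == "*" or (a.endswith(":*") and a.partition(":")[0] in SCOPED_SERVICES):
                findings.append((sid, f"wildcard action {a}"))
        if not (services & SCOPED_SERVICES or "*" in services):
            continue  # other services are outside this check
        for r in _as_list(stmt.get("Resource")):
            # "*" or an ARN ending in ":*" covers every resource of that type.
            if r == "*" or r.endswith(":*"):
                findings.append((sid, f"unscoped resource {r}"))
    return findings

# Constructed sample role policy (bucket name and account ID are made up).
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [
  {"Sid": "ReadReports", "Effect": "Allow", "Action": ["s3:GetObject"],
   "Resource": "arn:aws:s3:::example-onevue-reports/*"},
  {"Sid": "AnyQueue", "Effect": "Allow", "Action": "sqs:*",
   "Resource": "arn:aws:sqs:us-east-1:111122223333:*"},
  {"Sid": "AllTables", "Effect": "Allow",
   "Action": ["dynamodb:PutItem", "dynamodb:Query"], "Resource": "*"},
  {"Sid": "DenyDelete", "Effect": "Deny", "Action": "s3:DeleteObject", "Resource": "*"}
]}
""")

if __name__ == "__main__":
    for sid, message in lint_role_policy(SAMPLE_POLICY):
        print(f"{sid}: {message}")
```

Some list-type actions only accept "*" as their resource, so each finding is a prompt for review rather than a verdict.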

Network Communication Protocols - Primex Devices

The complete technology stack of the Primex Wireless OneVue platform is designed in-house, allowing Primex to control the user experience and provide the highest level of reliability and security. To support the myriad of network security and protocol standards in today's business environment, Primex devices offer an array of options for secure network connectivity. This ensures our customers can use and leverage our full line of products without adding costly, additional IT infrastructure.

Wireless Networking Protocols: 802.11b, 11g, single stream 11n* (2.4 GHz)
Security Protocols: None, WEP (Open & Shared), WPA (TKIP & AES), WPA2 (TKIP & AES)
Encryption Protocols: TLS 1.2
Authentication Protocols: None, EAP-FAST, EAP-TLS, EAP-TTLS (MSCHAPv2), PEAP v0 (MSCHAPv2), PEAP v1 (GTC)
Network Communication Protocols: Hypertext Transfer Protocol Secure (HTTPS)
IP Addressing: Dynamic Host Configuration Protocol (DHCP), static IP addressing
Data Packet Size: typically less than 5 kilobytes (kb)

* Only applies to PrimexTEMP and IAQ series sensors, PrimexEVENT devices, and Levo series clocks.

About Primex Wireless

Primex Wireless is the leading provider of solutions to automate and maintain facility compliance, increase efficiencies, enhance safety and reduce risk for enterprise organizations in the healthcare, education, manufacturing and government vertical markets. Primex Wireless delivers platforms that use a facility's existing network infrastructure to automate, monitor, document, and report on the essential activities performed by facility staff. The platforms delivered by Primex include synchronized time, environmental monitoring, and bell scheduling systems.

United States
Address: 965 Wells Street, Lake Geneva WI 53147
Email: info@primexinc.com
Web: www.primexwireless.com
Telephone: 800.537.0464
Fax: 262.248.0061

Canada
Address: 18977 Leslie Street, 2nd Floor, Sharon, ON L0G 1V0
Email: info@primexwireless.ca
Web: www.primexwireless.ca
Telephone: 800.330.1459
Fax: 905.952.0134