Web interface security, Psp analytics application security, Psp data center physical security – Extreme Networks SECURITY OVERVIEW 120350-00 User Manual

Page 7

background image

Web Interface Security

Premier Services Program (PSP) Tools: Security Overview


Web Interface Security

Users log in to the PSP tools through a secure web interface. The user has the option to encrypt the data
transfer as well for the PSP connection session. The connection between the browser and the web server
is secured through industry-standard procedures and protocols, as follows:

1024-bit authentication and SSL or TLS.

The level of communications encryption is negotiated with the

client browser and supports up to 256-bit encryption.

User ID and password.

Passwords are stored (one-way-encryption) through a secure hash algorithm

version 1 (SHA-1) hash so that they cannot be recovered as plain text even with direct database access.

PSP Analytics Application Security

The PSP application is secured with a combination of internal policies and network security measures.

Internal policies that safeguard the hosted application include the following:

Strict rights management.

Rights are restricted to only necessary services and qualified personnel.

Limited physical access.

The application servers are within locked cages and safeguarded by card-

key access.

High Availability.

All the functional components (data and services) have been deployed with full

redundancy and failover capability.

Database backups and archives.

All data is backed up and archived regularly and securely. The

backups include on-line short term disk-based backups for fast recovery as well as tape based
backups for longer term and disaster recovery purposes.

Network security measures include the following:

Enterprise firewalls.

High-end firewalls with strict policies to secure and maintain data and


Network address translation (NAT).

NAT ensures that internal IP addresses are hidden and not

routable from the outside.

Hardened Applications.

The PSP website has been hardened against malicious attack attempts

includes techniques like cross site scripting (XSS) attacks, and SQL/JavaScript injection attacks.

PSP Data Center Physical Security

The PSP Data Center is located inside a tier 1 telecommunications facility, secured as follows:

Solid construction.

The PSP Data Center can withstand high severity level natural or man-made


Highly available and reliable network connectivity.

Redundancy at every level ensures high

availability of all the PSP application services.

Continuous manned security.

Professional security personnel are present 24x7.

Restricted access.

Use of key cards, keypad access, and biometrics, all under video surveillance,

ensures that access is restricted to the correct personnel.

Fire suppression.

Zoned smoke detection and a fire suppression system protect against fire damage.