Overview
A probe or agent gathers all data used within the MSP central solution. A probe is a physical component that resides within a client infrastructure behind their firewall or within their private IP spaces. An agent is a software component that may be installed on a host device to gather data that is specific to the hardware, services and applications running on that device.

Data is communicated to the system via a proprietary interface built around the SOAP (Simple Object Access Protocol) messaging protocol. The DMS (data management system) provides this interface to the system. In addition to providing an interface, the DMS is also the business logic layer of the application. All rules that govern how the system deals with data are executed at this level. All physical data (configuration or monitored) is stored within a relational database. The web-based user interface is dynamically generated by the application server and provided to the user through a standard web browser.

User Interface Security
The first aspect of security involves the users’ interaction with the system. If users will be accessing the system from an insecure environment, MSP central supports HTTPS communication (using a secure Apache server). In addition, the system administrator can mandate the use of HTTPS through the administrative interface. User login credentials are secured through the use of an MD5 encryption algorithm applied at the server level. MD5 is a one-way algorithm, which means that the user credentials cannot be retrieved from the database in a recognizable form, nor can the encrypted credentials be decrypted to reveal the original password.

Agent / Probe Communication
Probes are used to perform network tests on devices within a client infrastructure behind a firewall or NAT. Agents can be used in a similar fashion to perform hardware, OS or application tests on their host system.
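The following is an added example, not code from MSP central or JT Computer, relating to the MD5 credential storage described under User Interface Security above. Identical passwords produce identical unsalted MD5 digests and MD5 is fast to compute, so the example verifies a legacy MD5 record at login and replaces it with a salted, iterated PBKDF2-HMAC-SHA256 record. The unsalted hex format, the record layout, the iteration count and all function names are assumptions; the page does not describe how the digests are stored.

```python
import hashlib
import hmac
import os

PBKDF2_ITERATIONS = 600_000  # assumption: work factor chosen for this example


def legacy_md5_record(password: str) -> str:
    """Unsalted MD5 hex digest (assumed legacy format; not confirmed by the page)."""
    return "md5$" + hashlib.md5(password.encode("utf-8")).hexdigest()


def pbkdf2_record(password: str, salt: bytes = b"") -> str:
    """Salted, iterated record: pbkdf2$<iterations>$<salt hex>$<digest hex>."""
    salt = salt or os.urandom(16)  # fresh random salt per record unless one is given
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2${PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def verify(password: str, record: str) -> bool:
    """Check a password against either record format using a constant-time compare."""
    scheme, _, rest = record.partition("$")
    if scheme == "md5":
        candidate = hashlib.md5(password.encode("utf-8")).hexdigest()
        return hmac.compare_digest(candidate, rest)
    if scheme == "pbkdf2":
        iterations, salt_hex, digest_hex = rest.split("$")
        salt = bytes.fromhex(salt_hex)
        candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, int(iterations))
        return hmac.compare_digest(candidate.hex(), digest_hex)
    return False


def login_and_upgrade(password: str, record: str) -> tuple[bool, str]:
    """Verify at login; on success return the record to store (MD5 is replaced)."""
    if not verify(password, record):
        return False, record
    if record.startswith("md5$"):
        return True, pbkdf2_record(password)
    return True, record


if __name__ == "__main__":
    # Constructed sample: two users who chose the same password.
    a, b = (legacy_md5_record("Winter2024!") for _ in range(2))
    print("unsalted MD5 records identical:", a == b)
    a2, b2 = (login_and_upgrade("Winter2024!", r)[1] for r in (a, b))
    print("upgraded records identical:", a2 == b2)
```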
Both the probes and the agents are designed to allow communication between the probe/agent and the MSP central server without piercing the client’s firewall, port forwarding or any other modification or configuration. The probes and agents always initiate communication with the MSP central server. This communication typically occurs over port 80 (SOAP over HTTP) or port 443 (SOAP over HTTPS), although the system administrator can easily configure the system to communicate over non-standard ports. Most client infrastructures allow outgoing web traffic by default, so the instantiation of a connection between probe/agent and MSP central server is permitted. Once the connection or socket is created, communication between the probe/agent and the MSP central server can flow freely until the socket is closed. In addition, the system administrator can choose to encrypt all communications between the probe/agent and the MSP central server.

The probe is designed with security in mind. The operating system is a hardened operating system supporting minimal external communications where all inbound communications are secure.

Operating System Security
Computers and operating systems are only as secure as the applications that are running on them (and vice versa). JT Computer Marketing has created an operating system that is based on Red Hat Linux version 9.0. JT Computer has removed any package that is not specifically required for the operation and support of the MSP system, as well as applied applicable security patches to the appropriate package.

Ongoing Maintenance
As new security exploits are discovered and patched, JT Computer incorporates them into service packs, which are distributed as part of our ongoing support.

Encryption Algorithms
MSP utilizes OpenSSL, the most widely used secure socket layer implementation in the world. OpenSSL is a library that provides cryptographic functionality to applications such as secure web servers.
The SSL security protocol provides data encryption, server authentication, message integrity, and optional client authentication for a TCP/IP connection. SSL comes in two strengths, 40-bit and 128-bit, which refer to the length of the symmetric “session key” generated by every encrypted transaction. The longer the key, the more difficult it is to break the encryption code. MSP uses a 128-bit key length and the RSA encryption algorithm.

Physical Security
The physical security of the MSP server is the responsibility of the customer; however, JT Computer does promote and advise customers to apply at least basic physical security precautions, which include:
JT Computer Established 1986