Usage Engine is built with a strong focus on security and has a password policy that conforms to NIST 800-63B. It provides the following security features:
Token Based Authentication
Our web UIs and the following agents and profiles uses token based authentication:
- HTTP/2 Client Agent[hide]3.0[/hide]
- Archive Profile [hide]profile[/hide][hide]3.0[/hide]
- Web Service Profile[hide]3.0[/hide]
Role Based Access Control
See Access Controller[hide]3.0[/hide] for more information.
OIDC Identity Provider
Access control to OIDC authenticated applications is integrated in role model, see OIDC Identity Provider[hide]3.0[/hide] for more information.
Encryption at Rest
See Assets and Services[hide]3.0[/hide] for more information.
Encryption at Transit
The following agents and profiles use TLS:
- Diameter[hide]3.0[/hide]
- Email[hide]3.0[/hide]
- FTPS[hide]3.0[/hide]
- HTTP/2 Client Agent[hide]3.0[/hide]
- HTTP/2 Server Agent[hide]3.0[/hide]
- LDAP[hide]3.0[/hide]
- SNMP[hide]3.0[/hide]
- Diameter Routing Profile [hide]profile[/hide][hide]3.0[/hide]
- Security Profile[hide]3.0[/hide]
and the system interfaces use HTTPS and TLS.
Immutable images
is delivered as docker images that are being scanned for any potential CVEs before being made available for download.
Automated certificate management
Use of cert-manager is recommended for deployment in private cloud or AWS, but can be disabled if needed.
See System Requirements - Private Cloud[hide]3.0[/hide], Pre-installation [hide] AWS Terraform [/hide][hide]3.0[/hide] for more information.
0 Comments