HP Designjet T520 HP Designjet ePrint & Share - Security white paper - Page 6
/Load balancing and redundant storage, Security quality assurance
View all HP Designjet T520 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 6 highlights
• Firewall: Amazon EC2 provides a complete firewall solution; this mandatory inbound firewall is configured in a default deny mode and Amazon EC2 customers (HP) must explicitly open all ports needed to allow inbound traffic. Highly secure applications can be deployed using this mechanism. In the case of HP Designjet ePrint & Share, administrative access is limited to qualified HP support staff, and even they do not have access to users' data, which is stored in encrypted form. • Securing data at rest (stored data) involves physical security and data encryption. Amazon employs multiple layers of physical security measures to protect customer data at rest. For example, physical access to Amazon S3 datacenters is limited to an audited list of Amazon personnel. Encryption of sensitive data is generally a good security practice, and AWS encourages users to encrypt their sensitive data before it is uploaded to Amazon S3. As mentioned above, all eP&S customer data is encrypted by HP before being stored. Load balancing and redundant storage In addition to the Service Level Agreements provided by Amazon Web Services EC2 and S3 services (http://aws.amazon.com/ec2-sla/ and http://aws.amazon.com/s3-sla/), and in order to provide high system availability, HP Designjet ePrint & Share runs in a loadbalanced environment, with different application servers hosted in different availability zones inside the Amazon Web Services network. The back-end database runs on a multi-server relational database management system, configured in a master-slave topology which automatically replicates all the data between the master and the slave. For enhanced reliability, the master and the slave are also physically hosted in different availability zones. There is no single point of failure in the HP Designjet ePrint & Share infrastructure, allowing us to offer an availability that typically exceeds 99.9% (excluding planned maintenance periods). Customer files are stored in Amazon S3 (Simple Storage Service), a storage infrastructure designed for mission-critical data. Files inside S3 are redundantly stored on multiple devices across multiple facilities in Amazon, and any lost redundancy is automatically repaired. Amazon S3 is designed to provide an availability over 99.9% and a durability of 99.999999999%. As mentioned earlier, for enhanced security all customer files are encrypted using an industrystandard algorithm. Security quality assurance We take security very seriously, and apart from regularly performing security assessments, vulnerability scans, and updating security assets, we promise to react quickly to any security incident and remedy any vulnerable situation or risk. If you would like to provide any specific feedback on security-related topics, please send an email to [email protected]. 6