At Obkio, security is very important to us, and we try to incorporate security mechanisms at every step of our development process in order to ensure that our software is protected against the various types of attacks and vulnerabilities.
We never capture any of your traffic to measure the performance. All the measure are made through synthetic traffic.
Cloud Infrastructure Security
The Obkio production infrastructure is hosted at Amazon Web Services (AWS) in the Northern Virginia (us-east-1) region across multiple availability zones. Each service is running in its own containerized environment with restricted access to only the required resources and information. The deployment of new releases and software patches are done through our continuous integration process.
The agent’s software is updated automatically whenever a new update is available, ensuring that the latest security patches are always applied.
Agent Operating System
For the hardware agents and virtual appliances, we use the BalenaOS operating system in order to simplify our application deployments and to ensure that the OS is always secure and up-to-date. In order to perform device maintenance, we set up an OpenVPN tunnel to the device on BalenaCloud, which gives a few select people from Obkio SSH access to the device.
The agent needs to have internet access to function properly. The list of open ports is available at: http://help.obkio.com/articles/2813605-advanced-outbound-firewall-configurations
It is possible to configure an ACL on the switch port on which the device is connected in order to restrict internet access and communication with other agents to a private network.