Security & Availability

 @VIEW^NET: A Scalable architecture designed for Security and High Availability.

@VIEW^NET incorporates a state of the art architecture designed to support the needs of our customers.   The platform provides ease of use and a fast response time while maintaining an architecture which ensures your data is always safe.  

 @VIEW^NET was designed to keep your data safe and accessible at all times. Our state of the art application server farm incorporates failover technology which allows for a warm recovery in case of component failure. Our application incorporates multi level access rights management to ensure that data is viewed by those authorized to do so.

 The @VIEW^NET server farm is located in a modern underground facility.  Multiple communication connections, redundant power sources, state of the art flood and fire prevention systems are all implemented to support high availability and survivability. The facility is manned 24 hours a day.

 

Security and classification

@VIEW utilizes a comprehensive authorization process to ensure that project information is only available to those users who have the proper authorization.  Security is high on our priorities! The @VIEW^NET architecture is designed with a separation between the web servers and the back end data-base and file system. User access is limited to the Web servers which then employ the authorization mechanisms to prevent unauthorized access to data. Users do not have direct access to the data-base nor to the central file repository. 

Firewall and Intrusion Detection

@VIEW utilizes industry-standard firewall technology to protect its operational systems from unauthorized access and disruption. Firewalls are used to protect @VIEW's systems from the Internet and from any other network. In addition, @VIEW employs an intrusion detection system to detect and monitor unauthorized access attempts. Security events are logged, reviewed and used to enhance security.

Physical Security

The @VIEW^NET server farm, is located in a modern underground facility. The facility is manned 24 hours a day.  The electricity supply to this facility is both UPS and generator backed and every server rack has a supply from two separate sources. The Facility is equipped with modern fire and flood prevention systems. Environmental controls maintain optimal temperature and humidity for the operational hardware systems

The Facility is connected to the Internet backbone via multiple redundant connections.

SSL

@VIEW systems utilize the Secure Sockets Layer (SSL) protocol to optionally protect data communication. @VIEW folders can be set-up using the SSL option, once under SSL all uploads and download of files from these folders is SSL encrypted.

User ID and Password

To ensure that access to project-related data on the @VIEW platform is limited to those members who hold the appropriate access rights, a password is required to access each account. The password is chosen by the member and is encrypted and concealed even from @VIEW's employees and system administrators. @VIEW also maintains access logs and additional documentation to trace and identify the responsible parties in unlikely event of a security breach.

• Allocations of Passwords - Passwords are allocated automatically by the system when a new user account is established. The password allocation mechanism includes a minimum 6 mixed-case alphabetic characters generator and a rule preventing simplification
• Change of Password by the user - Users may change their account password at any time.
• Account Locked after faulty password entries – Access to a user / account is locked after a specified number of faulty password entries.
• Last login time prompt - The system Notifies the user with the details of his/hers last login time stamp, allowing users to identify possible misuse of their account.
• Restrict logins using TCP/IP address mask - Users can restrict logins to their account from a specific TCP/IP address, set of addresses or mask of addresses. For example, a user can restrict access to his/hers account from a specific address only.

User Access privileges

@VIEW provides hierarchical user access privileges. The access rights of every user can be optionally specified for every folder.

• The system utilizes 7 access levels, optionally defined at a user / folder granularity. 
• No Access - no access to a folder, folder is not presented in the folder tree.
• Read-Only Access  - allows for viewing and downloading of documents ,
• Mark UP Access  - allows the user to add "red line" comments to an existing drawing
• Write Access - enables uploading of files to the specific folder.
• Project Manager Access - enables adding subfolders to the specific folder
• Administrative Access - permits the user to set access definitions for other users in the pertaining to the specific folder.

Access rights and member privileges can also be managed on a per project basis

Disaster Recovery

The @VIEW^NET Solution is designed with a redundant architecture to allow for a warm failover in case of failure of a specific component. The @VIEW server farm incorporates a state of the art EMC3 RAID Storage cluster with dual controllers and redundant power supplies. The storage cluster is designed with multiple independent back-end servers; each independently connected to multiple storage controllers. This architecture provides warm failover capabilities in case of server failure, power supply failure, disk or controller failure. 

The @VIEW^NET front end incorporates multiple, load balanced, web servers. This solution provides high availability, warm failover capabilities and an improved response time. All Servers incorporated in the @VIEW server farm also incorporate an internal redundant architecture including hot-swap disks with RAID architecture, dual redundant power supplies and multiple communication and powers connections.

The farm includes an integrated backup system. Backups are automatically performed daily. Backup sets are periodically rotated outside the hosting facility.