InterCall Virtual Environments and Webcasting Security, High Availability and Scalability Overview

1. Security

1.1. Policy and Procedures
The InterCall VE (Virtual Environments) and Webcast Event IT team established its security policy in 2009. The policy was defined and approved by the management team of the company. The policy guides the company's departments in their security-related methods and is used as a guide for the creation of the Information Security procedures.

1.2. Information Security Operational Committee
The InterCall VE and Webcast Event Information Security Operational Committee, which includes the director of engineering, the IT manager and the information security officer, is responsible for the technical aspects of securing the data and the services that the InterCall VE and Webcast Event teams maintain and provide for their customers. The committee meets every two months; it reviews new threats and vulnerabilities and plans the security controls and countermeasures that need to be put in place to protect InterCall VE and Webcast Event assets. The committee monitors the implementation of the security controls and makes sure they mitigate the threats.

1.3. System Security

1.3.1. Physical Security
The InterCall VE and Webcast Event platform is hosted in the USA in a SAS70 certified data center that provides high physical and logical security controls. Strict policies and procedures ensure the utmost security, which includes biometric fingerprint scanning, card key access and video surveillance camera technology. Anyone visiting the datacenter facility must be escorted by a datacenter employee to a designated location. Visitors are required to sign the visitors log and obtain a visitor badge. Every visitor is matched against the pre-approved authorized listing. The datacenter is divided into several security zones; clients are permitted to access only the zone where their equipment is located. All cabinets are locked with individualized keys.
Video cameras are strategically placed throughout the facility and are monitored 24x7. Historical video data is viewable for a minimum of fifteen days.

1.3.2. Network Security
The InterCall VE and Webcast Event architecture incorporates Check Point firewalls to protect the platform. Network traffic from the internet into the datacenter routes through firewalls which allow access only to a specific set of machines and services. The InterCall VE and Webcast Event architecture divides the datacenter into multiple network zones, each containing a set of information services and information systems. Check Point firewalls control the network between the zones and allow access only to the relevant and desired services at each zone. In addition to the access control, the firewalls isolate the internal network from the outside world using Network Address Translation. NAT ensures that the internal network addresses are not exposed to the external peer and can't be used to hack into the system. The firewalls are kept up to date with the latest security patches.

INFO@INTERCALL.COM INTERCALL.COM 800.820.5855

1.3.3. Antivirus
Antivirus systems operate on all the servers in the data center to prevent malicious code. The AV systems are updated continuously.

1.3.4. Access Control
Only the InterCall VE and Webcast Event IT team has administrative access to the servers and workstations in the datacenter. When an IT member leaves the company, accounts are deactivated promptly. Administrative access to the servers and systems in the datacenter is via Check Point VPN. The VPN authenticates the client by a client-side certificate and encrypts all the network traffic between the client computer and the datacenter.

1.3.5. Change Management
All changes in the datacenter to hardware, software or platform configuration follow a Change Management procedure. The change must be planned in advance, checked in the QA environment and approved by the IT manager. Once the change is implemented in the datacenter it is verified by the QA team. The procedure assures that all changes to the production environments are controlled and documented.

1.3.6. Maintenance
Maintenance of the InterCall VE and Webcast Event platform is done by the internal IT department or under its direct supervision. Most of the maintenance is done from the InterCall VE and Webcast Event offices using VPN. The redundancy at each layer enables hot deployment and configuration without downtime.

1.3.7. Personnel

1.3.7.1. Recruitment
InterCall VE and Webcast Event perform reference checks for new employees. All new employees are required to sign a non-disclosure agreement during the hiring process.

1.3.7.2. Information Security awareness and training
The InterCall VE and Webcast Event security team educates its employees about the importance of securing the data and the services it provides. All employees have an annual information security awareness session that reviews security threats and vulnerabilities that are relevant to every employee. The session gives the best practices for avoiding security pitfalls.
There is special training for developers. In their training they learn how to develop a secured application that will resist hacking attempts.

1.3.7.3. Leaving the company
When an employee leaves the company for any reason, his user account as well as his application account are disabled. He is required to return his employee badge immediately. Any access s/he has to the company network is blocked.

1.3.7.4. Third Party
Contractors and third parties are required to sign a non-disclosure agreement before they are granted any access to the data or services at InterCall VE and Webcast Event. They are granted access only to the required services and have the minimum privileges required for fulfilling their job duties. When the contract ends, their accounts are disabled and their access to the information and services is blocked.

1.3.8. Audit and Accountability
Every user in the VE application has a unique user name and a password. Thus users are accountable for any activity that is done under their accounts. Administration actions are logged in a separate log file and there is a separate log file for security related actions. The InterCall VE and Webcast Event security team retains the log files and can audit them if there is any suspicion of unauthorized or malicious activity.

1.3.9. Security Assessment
The InterCall VE and Webcast Event security team uses an outside firm specializing in information security to assess its security. A thorough penetration test is executed annually at a minimum. The tests examine the platform infrastructure as well as the application and services and look for vulnerabilities. The results of the penetration tests are reviewed by the Information Security Council and by the IT and R&D departments. Based on the findings and their severity, InterCall VE and Webcast Event plans the fixes project. High severity issues are fixed and deployed as soon as possible.

1.4. Application Security
The InterCall VE and Webcast Event platform was designed and developed with security concerns in mind. Authentication, Authorization, User Roles and Permissions have been part of the platform from the first day. Every new feature is checked at the requirement and design phases to make sure it doesn't expose a new vulnerability or break the defined policy.

1.4.1. OWASP
InterCall VE and Webcast Event developers follow Open Web Application Security Project recommendations for developing a secured application and avoiding common security risks such as SQL injection, Cross Site Scripting, Cross Site Request Forgery, insecure direct object references, URL access, etc.

1.4.2. Development Life Cycle
The development of the VE platform follows strict procedures and best practices that assure the product is at the highest level of quality and security.

1.4.2.1. Design
Every new system, service, or feature is evaluated in the requirements and design phases in terms of information security and privacy. The Chief Information Security Officer reviews every major change in the system.

1.4.2.2. Development
InterCall VE and Webcast Event developers are trained to develop a secured application using OWASP best practices and using industry tools and standards. In addition to the regular reviews during development, security related feature development is guided and mentored by the CISO.

1.4.2.3. Configuration Control
The InterCall VE and Webcast Event Development team maintains the source code and the libraries used in development in a source control repository. Access to the repository is granted to developers only. Documentation of the requirements and the technical design is kept in a documentation repository.

1.4.2.4. QA
Platform updates as well as patches and hot fixes are all deployed and tested thoroughly in a dedicated QA environment. The QA environment simulates the production environment in terms of tier separation and high availability clusters. The QA environment is located at the development site and doesn't contain customer data.

1.4.2.5. Staging
When a new software version passes the testing in the QA environment, and just before it is deployed into the production environment, the software is deployed into a staging environment located at the datacenter. The staging environment has the same security controls and configuration as the production environment and is used to check the software on real data.

1.4.3. Authentication
All users of InterCall VE and Webcast Event, stakeholders as well as visitors, must register and log in before they can access any resource or visit any event in the application. The regular authentication process is based on a user name and a password. The default password policy is 8 characters in length, contains upper case and lower case characters and digits. After 5 failed login attempts, the account is locked for two minutes to prevent brute forcing and denial of service. In addition to the user/password authentication, InterCall VE and Webcast Event supports proprietary authentication methods as well as standards based authentication methods such as Facebook Connect and SAML (coming soon).

1.4.4. Session Management
Every time a user logs in, s/he is assigned a dedicated session. The platform keeps track of the active users, and users always have the option to explicitly log off the application and end their sessions. The system automatically ends the session and logs off a user who is not active for a configurable time period.

1.4.5. Authorization
The InterCall VE and Webcast Event platform checks and authorizes every incoming request based on the user role and scope, the type of the action and the targeted object. The VE platform has predefined roles and object ownership, and the relevant interfaces and services are accessible only to authorized users. In addition, there are different permissions per object; thus some users may view a specific object while the owner of the object may update or even delete it.

1.4.5.1. Edge Authorization
The InterCall VE and Webcast Event delivery strategy uses CDN facilities to serve static and dynamic / live streamed content with the smallest latency and unlimited capacity for end users all over the world. The InterCall VE and Webcast Event authentication functions make sure that the CDN servers are authorized for every access to restricted content.

1.4.6. Access Control
The InterCall VE and Webcast Event platform has a built-in access control mechanism, and customers may define their own fine-grained restrictions on top of it.

1.4.6.1. Application Access Control
Most of the content that is published in a VE can be viewed by every registered user unless configurable access controls are used. Only the owner of the content can update the content, publish, hide or delete it.

1.4.6.2. Configurable Access Control
In addition to the predefined access controls, customers can create their own Access Control Lists by creating groups of objects that can only be accessed by a restricted list of users.

1.4.6.2.1. Registration ACL
Customers can allow or prevent the registration of users with specific email addresses or email domains. Customers can create a list of specific users who can enter an event or restrict the event to users from a specific company.
1.4.6.2.2. Location ACL
In addition to the control at the entrance point, customers can restrict access to any location (e.g. Booth, Webcast, and Resource Center) and create a list of users who can enter the location and access the data it contains. The user list can be created based on any of the following characteristics of a user: Role, Email Address/Domain, Registration attributes.

1.4.7. Email Verification
The customer can require verification of the registrant's email address during the registration process. Only after the verification is completed successfully may the registrant access the event.

1.4.8. Audit and Accountability
Every administration action is logged in a dedicated log which includes the action, user, time and date and the action parameters. There is an additional log that contains security related actions (login/logout, account and privileges management).

1.4.9. Security Assessment
The InterCall VE and Webcast Event application is tested annually by an external party. The results are reviewed by the management team. Findings are ordered by their severity and a plan is created to fix the vulnerabilities by their severity.

1.4.10. SSL and Encryption
The InterCall VE and Webcast Event platform supports full encryption of the client-server channel. The platform also encrypts passwords in the DB.

1.4.11. Configurable Security
The InterCall VE and Webcast Event security team recommends its customers use the highest level of security. Nevertheless, the InterCall VE and Webcast Event team lets customers adjust the security configuration to meet their specific security requirements. The customer has control of the password policy parameters, whether to enable a guest account (with restricted permissions), encryption channels and more.

2. High Availability
As the leading provider of virtual events and conferences, InterCall VE and Webcast Event is committed to delivering its services 24 hours 356 days a year.
InterCall VE and Webcast Event uses the best tools and practices to make sure that the service won't be interrupted for any reason.

2.1. Redundancy
All the servers in the InterCall VE and Webcast Event platform run in clusters. Wherever a server fails the traffic is automatically redirected to another server in the cluster.

2.1.1. Web Tier
The web tier runs on a cluster of IIS servers. In case of a failure in one of the web servers, the load balancer disables the routing of requests to that server until it is verified as active again.

2.1.2. Application Tier
The InterCall VE and Webcast Event platform uses Oracle Weblogic to run the application. The Weblogic servers run in a cluster and each web server routes requests to any available application server.

2.1.3. DB
The InterCall VE and Webcast Event platform uses Oracle Enterprise edition in a Real Application Cluster configuration that allows it to run multiple active servers concurrently. In case of a failure in one of the DB servers, the application servers are configured to route the queries to the other DB.

2.1.4. Streaming
The InterCall VE and Webcast Event platform operates two separate routes for producing and broadcasting every single webcast. In case of failure with one of the lines, the users are automatically redirected to the second line.

2.1.5. CDN
The broadcasting of the live and on demand streaming is via the Akamai CDN. The InterCall VE and Webcast Event platform provides Akamai with primary and secondary streams. In case of failure in the primary stream, Akamai uses the secondary as the source. Akamai provides the stream to the end users via hundreds of media servers globally which are fully redundant.

2.2. Load Balancers
The InterCall VE and Webcast Event platform uses two Radware App Director load balancers to route the traffic to the internal servers. The load balancers are synchronized and run in an active/passive mode where, in case of a failure, the passive server becomes active immediately.

2.3. No Single Point of Failure
The InterCall VE and Webcast Event platform is fully redundant. Each server is connected to two power adapters and has network connectivity via two network interfaces. Each power adapter is connected to a different power source. Each network interface is connected to a different switch, making every server available via two different routes.

2.4. Disaster Recovery
The InterCall VE and Webcast Event architectural team will deploy a second datacenter in 2012. The second datacenter will extend the current capacity as well as provide failover and backup capabilities. The two datacenters will synchronize their data.
Thus, in case of a disaster in one of the datacenters, the second datacenter will promptly serve the users of the datacenter that failed.

2.5. Storage
The InterCall VE and Webcast Event platform uses IBM XIV storage. This storage has its own built-in redundancy and high availability in terms of disks, controller, network interfaces and power supply.

2.6. Monitoring
The InterCall VE and Webcast Event IT team monitors the availability and the performance of the system utilizing various automated tools. The tools monitor and access different components and different layers from the infrastructure level up to the application level. As a global communications technology leader, the InterCall VE and Webcast Event architecture incorporates a worldwide monitoring system that measures the application availability from 5 different locations around the world. As part of the online monitoring, when an error occurs or a threshold is reached, an alert is sent to the InterCall VE and Webcast Event IT team via email and SMS.
3. Scalability
The world of online meeting and conferencing grows fast. The number of events and the number of users that attend each event increase every month. The InterCall VE and Webcast Event development team built the platform to support not only today's and tomorrow's demands but to be able to quickly scale out and support huge growth.

3.1. Cluster
Every tier in the InterCall VE and Webcast Event platform, from the web tier to the persistence tier, is built of a cluster of servers. Instead of scaling up by upgrading the server hardware, InterCall VE and Webcast Event extends its capacity easily and more cost effectively by adding additional servers to the relevant tier.

3.2. CDN
The InterCall VE and Webcast Event platform uses CDN delivery as much as it can. The CDN infrastructure contains thousands of servers all over the world and allows the VE platform unlimited scale in terms of streaming and web content.

3.3. Load Test
The InterCall VE and Webcast Event development team continually checks and enhances its capacity and its performance under heavy load by conducting massive load tests. Using Amazon cloud, the InterCall VE and Webcast Event team tests its platform with more than 30,000 concurrent users including a short ramp up. InterCall VE and Webcast Event engineers monitor and review the load results and the metrics and measurements that were collected from the VE platform. The load results are scrutinized to make sure the system performance and behavior meet the requirements under load and to identify any bottleneck in the hardware, software or network that compose the VE platform.