{"id":7843,"date":"2019-01-30T11:56:49","date_gmt":"2019-01-30T11:56:49","guid":{"rendered":"https:\/\/support.loginextsolutions.com\/?p=7843"},"modified":"2026-01-28T09:43:22","modified_gmt":"2026-01-28T09:43:22","slug":"external-attacks","status":"publish","type":"post","link":"https:\/\/support.loginextsolutions.com\/index.php\/2019\/01\/30\/external-attacks\/","title":{"rendered":"Security from External Attacks"},"content":{"rendered":"\n\n\n\t
\n\n\t\t<\/i><\/span> Download PDF<\/a>\n\n\t<\/div>\n\n\n\n\n\n

LogiNext has adopted a multifaceted approach for its application security, to ensure everything from design to engineering to deployment of products – Web Application and Android\/iOS Applications comply with highest standards of security in the industry. LogiNext Cloud Partner standards and compliances are followed and applicable to the LogiNext’s application. <\/p>\n

LogiNext office network where products and applications are designed and developed are monitored, managed and secured by industry-grade firewalls and antivirus software. This ensures the protection of internal information systems from intrusion. Process and systems are in place and regularly audited to provide active alerts in the event of a threat or an incident. All the Firewall logs are stored, maintained, and reviewed periodically. Access to the production environment and systems is via SSH and always through a multi-factor authentication mechanism. Remote access to the production system is possible only via the office network (VPN). Audit logs are generated for each remote user session and monitored for any anomalies. The Network security, Infrastructure, and Release teams monitor the infrastructure 24x7x365 for stability, intrusions, and spam using a dedicated alert mechanism. End-to-end vulnerability assessments and penetration tests are performed every quarter by a trusted professional software partner.<\/p>\n

Network devices, including firewall and other boundary devices, are in place to monitor and control communications at the external boundary of the network and at key internal boundaries within the network. These boundary devices employ rule sets, access control lists (ACL), and configurations to enforce the flow of information to specific information system services. ACLs, or traffic flow policies, are established on each managed interface, which manages and enforce the flow of traffic. ACL policies are approved by Amazon Information Security. These policies are automatically pushed using LogiNext Cloud Partner’s ACL- Manage tool, to help ensure these managed interfaces enforce the most up-to-date ACLs. LogiNext Cloud Partner has strategically placed a limited number of access points to the cloud to allow for a more comprehensive monitoring of inbound and outbound communications and network traffic. These customer access points are called API endpoints, and they allow secure HTTP access (HTTPS), which allows you to establish a secure communication session with your storage or compute instances. In addition, LogiNext Cloud Partner has implemented network devices that are dedicated to managing interfacing communications with Internet service providers (ISPs). LogiNext Cloud Partner employs a redundant connection to more than one communication service at each Internet-facing edge of the network. These connections each have dedicated network devices. User connects to LogiNext via HTTP or HTTPS using Secure Sockets Layer (SSL), a cryptographic protocol that is designed to protect against eavesdropping, tampering, and message forgery.<\/p>\n

LogiNext utilizes a wide variety of automated monitoring systems to provide a high level of service performance and availability. Monitoring tools are designed to detect unusual or unauthorized activities and conditions at ingress and egress communication points. These tools monitor server and network usage, port scanning activities, application usage, and unauthorized intrusion attempts. The tools have the ability to set custom performance metrics thresholds for unusual activity. LogiNext Cloud Partner security monitoring tools help identify several types of denial of service (DoS) attacks, including distributed, flooding, and software\/logic attacks. When DoS attacks are identified, the LogiNext Cloud Partner incident response process is initiated. In addition to the DoS prevention tools, redundant telecommunication providers in each region, as well as additional capacity, protect against the possibility of DoS attacks. LogiNext has implemented the following significant protection against traditional network security issues:<\/p>\n

\u2022 Distributed Denial Of Service (DDoS) Attacks<\/p>\n

\u2022 Man in the Middle (MITM) Attacks.<\/p>\n

\u2022 IP Spoofing. LogiNext Cloud Partner infrastructure cannot send spoofed network traffic. This controlled, host-based firewall infrastructure will not permit an instance to send traffic with a source IP or MAC address other than its own.<\/p>\n

\u2022 Port Scanning. Unauthorized port scans by LogiNext Cloud Partner customers are a violation of the LogiNext Cloud Partner’s Acceptable Use Policy. Violations of this Acceptable Use Policy are taken seriously, and every reported violation is investigated.<\/p>\n

\u2022 Packet sniffing by other tenants. It is not possible for a virtual instance running in promiscuous mode to receive or \u201csniff\u201d traffic that is intended for a different virtual instance. While you can place your interfaces into promiscuous mode, the hypervisor will not deliver any traffic to them that is not addressed to them.<\/p>\n

<\/p>\n

Note: “LogiNext Cloud Partner” refers to the cloud computing platforms which are used to host LogiNext applications. LogiNext treats Microsoft Azure and Amazon Web Services as its Cloud Partners<\/p>\n

<\/p>\n

<\/p>\n","protected":false},"excerpt":{"rendered":"

Download PDF LogiNext has adopted a multifaceted approach for its application security, to ensure everything from design to engineering to deployment of products – Web Application and Android\/iOS Applications comply with highest standards of security in the industry. LogiNext Cloud … Continued<\/a><\/p>\n","protected":false},"author":8,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_bbp_topic_count":0,"_bbp_reply_count":0,"_bbp_total_topic_count":0,"_bbp_total_reply_count":0,"_bbp_voice_count":0,"_bbp_anonymous_reply_count":0,"_bbp_topic_count_hidden":0,"_bbp_reply_count_hidden":0,"_bbp_forum_subforum_count":0,"footnotes":""},"categories":[],"tags":[3013,1164,1165,1166,1167,1168,1169,1170,3011,1163,3014,3015,3016,3017,3018,3019,3020,1019,1162,1161,1160,1159,1158,1157,1156,1144,1143,1141,1136,1135,1113,1083,1081],"_links":{"self":[{"href":"https:\/\/support.loginextsolutions.com\/index.php\/wp-json\/wp\/v2\/posts\/7843"}],"collection":[{"href":"https:\/\/support.loginextsolutions.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/support.loginextsolutions.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/support.loginextsolutions.com\/index.php\/wp-json\/wp\/v2\/users\/8"}],"replies":[{"embeddable":true,"href":"https:\/\/support.loginextsolutions.com\/index.php\/wp-json\/wp\/v2\/comments?post=7843"}],"version-history":[{"count":5,"href":"https:\/\/support.loginextsolutions.com\/index.php\/wp-json\/wp\/v2\/posts\/7843\/revisions"}],"predecessor-version":[{"id":8232,"href":"https:\/\/support.loginextsolutions.com\/index.php\/wp-json\/wp\/v2\/posts\/7843\/revisions\/8232"}],"wp:attachment":[{"href":"https:\/\/support.loginextsolutions.com\/index.php\/wp-json\/wp\/v2\/media?parent=7843"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/support.loginextsolutions.com\/index.php\/wp-json\/wp\/v2\/categories?post=7843"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/support.loginextsolutions.com\/index.php\/wp-json\/wp\/v2\/tags?post=7843"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}