Open

Network Security

If needed, additional security settings can be set for customer, that include:

1. IP restrictions (access from selected subnet)

2. Integration with one or more LDAP, SAML or ADFS server

3. VPN, IPSec and others.

Connectivity between SaaS service and end users requires SSL (see SSL Certificates)

Network Bandwidth

The minimum network speed connection that is recommended and gives acceptable performance is a 3G mobile network. 

4G Mobile network or cable connection of at least 10 Mbps is recommended. 

How is the application optimized for network use?

• The application itself is cached by the browser and advanced cache management techniques are used to load individual application components.

• Application components are "lazy loaded" to optimize initial application load time

• Application exchanges required information using efficient JSON format and utilities XHR browser requests. 

• Large format / scale / resolution images are pre-processed by the server to optimal JPEG or PNG formats to save bandwidth and optimize browser performance. 

• Data transmitted between browser and server is compressed using the “gzip” method. This often helps to reduce the size of transmitted data by half or even more.

Firewalls

Network access is protected by dedicated hardware firewalls. Firewalls and network switching are configured in N+1 redundancy and support automatic fail-over.

User, Storage and system traffic is using a separated vLAN networks or dedicated network.  

Connectivity between Data Centers

Connectivity between data centers is established using a dedicated fiber network.

Available domain names

Customer can access their application via SSL connection under selected address:

1. <customerName>.hyperhouse.se

2. <customerName>.hdc.cloud

3. <customerName>.bim.cloud

Custom domains or certificates can be used as part of individual agreement.

SSL Certificates

Each hosting plan includes an SSL certificate issued by Internet Security Research Group (ISRG). An end user can only connect and authenticate via secured connection encrypted with SSL Certificate. 

Downgrade no non secure connection is not allowed. A custom certificate of any level can be used based on individual agreement.

Base service setup is enough to get an A+ security rating based on Qualys SSL Labs assessment.

Certificate details:

• RSA 2048 bits (SHA256withRSA)

• Protocols: TLS 1.3 TLS 1.2

Other SSL characteristics: