CLOUD SECURITY

Aerohive employs industry-leading practices and technologies to secure our cloud networking solution and its underlying cloud infrastructure.

Aerohive’s Cloud Services are hosted within Amazon AWS (Amazon Web Services) data centers, taking advantage of AWS security and compliance capabilities at the data-center layer. Aerohive takes additional measures to secure our cloud-based applications, including:

  • Firewalling, to control and protect inbound and outbound traffic
  • Threat detection, with continuous monitoring for malicious and unauthorized behavior, including unauthorized system access and brute-force attacks
  • DDoS-attack prevention and flow control with industry-leading tools
  • Staging all HiveManager releases and patches with continuous penetration scanning for application vulnerabilities, to prevent any issues prior to actual deployment in production
  • Industry-standard OS hardening processes for production server deployment
  • Daily backups of production-network data, and storage of backups in an encrypted state
  • Securing access to the underlying computing infrastructure with features like VPC, NAT, TLS encryption, reporting tools and automated password protection
  • Strictly limiting access to the AWS cloud infrastructure to a small number of designated Aerohive DevOps engineers
  • Monitoring and tracking DevOps-personnel activities in the AWS environment, with a server/application audit trail.

In addition, AWS implements its own set of activities and controls to keep data centers and the customer data in them secure. These include:

  • Plans for business continuity and disaster recovery
  • Operational systems design (redundant power, HVAC, fire, and leakage detection systems) to ensure physical safety of the datacenter
  • Comprehensive access controls, surveillance, and detection of unauthorized presence
  • Monitoring and logging of all access to the facilities
  • Device management and strict decommissioning procedures of server hardware and hard disks to ensure that no customer data leaves the datacenter

Additional information about AWS datacenter and security controls is located here.

For added security, our cloud networking solution also encrypts the data traffic while in transit between a customer’s site and the RDC containing the customer’s HiveManager Public Cloud instance. The RDCs also do not collect or retain any data traffic generated on the customer networks.