AWS Security
Deploying the Lingoport Dedicated VM using AWS has many security advantages. This section develops some of the layers starting with a customer's network to the full implementation of the dedicated VM accessing the customer's network Git repositories.
Contents
The Customer Network without the Lingoport Suite
The customer network before any Lingoport dedicated VM. It is expected to be a secure environment.
The Lingoport Dedicated VM Restricted Access to the Repository
The first step in this deployment is to instantiate an AWS VM. The Customer IT adds only that VM to the list of specific IP's which can access the repositories. The only access provided is to version control systems such as Git (GitHub, Bitbucket, Gitlabs), TFS, or SVN.
No customer data or systems (credit card information, live databases, client data, etc.) are granted access to the Lingoport Dedicated VM.
Restricted Access to the Lingoport Dedicated VM
Conversely, only a restricted set of IP's are allowed to access the Lingoport Dedicated VM. For instance, a system has to be either in the Customer's network or in the Lingoport network to be granted access to the Lingoport Dedicated VM. It behaves as an extension of the customer's network. No other party can gain access to the Lingoport Dedicated VM.
Furthermore, access to the AWS Lingoport Dedicated VM is restricted by SSH key. A public key needs to be set on the Dedicated VM to access connections.
HTTPS and IP Restrictions to the Lingoport Applications
The application on the AWS Lingoport Dedicated VM (the Dashboard or Jenkins) is only accessible when the following conditions are met:
The IP of the calling system is granted access, typically:
- Customer IP range
- Lingoport IP range
The application is secured by account and password over HTTPS.
In other words:
- No one outside the authorized range can reach the system
- Only authorized accounts access / see the Dashboard
- Data communication is over HTTPS
Secure Transfer of Resource Files to/from Translation
