RPort Security Model

Read about all the security measures built into RPort

Built-in and optional security measures

  • Transport Layer Security (TLS): RPort utilizes TLS encryption to secure all communication between the server and managed devices. TLS encrypts data in transit, preventing eavesdropping and data tampering. The administrator can enforce the usage of TLS 1.2 or 1.3.

  • SSH Tunneling: For remote access to devices, RPort employs SSH tunneling, which encrypts remote connections within an existing SSH session. This further enhances security by encapsulating RPort's traffic within a trusted SSH channel.

  • Two-Factor Authentication (2FA): RPort mandates 2FA for all administrative access, adding an extra layer of security beyond passwords. 2FA requires an additional verification factor, such as a code from a mobile app, making it virtually impossible to compromise accounts with stolen passwords.

  • Access Control Lists (ACLs): RPort implements granular access control policies based on user roles and device permissions. This restricts access to specific devices and functions, preventing unauthorized actions.

  • Vulnerability Scanning and Patch Management: RPort can regularly scan managed devices for known vulnerabilities and promptly deploys recommended security patches to minimize the risk of exploitation. Required scripts and actions are not included and must be developed by the user.

  • Malware Detection and Prevention: Optionally, RPort can integrate with anti-malware solutions to detect and block malware infections, protecting devices from malicious software. Required scripts and actions are not included and must be developed by the user.

  • Secure Remote Desktop (RDP): RPort utilizes secure RDP sessions to connect to remote Windows devices, ensuring that all data transmitted during these sessions remains encrypted.

  • Virtual Network Computing (VNC): RPort employs secure VNC sessions using RealVNC's latest frame buffer protocol with AES256 encryption, which provide remote access with encryption and authentication.

Secure development and software lifecycle guided by Mend

The RPort software development is strictly supervised by Mend. Mend, formerly WhiteSource, is a comprehensive software composition analysis (SCA) platform that helps RPort to identify, prioritize, and fix vulnerabilities in their software applications. By scanning code, binaries, and container images, Mend detects known security vulnerabilities, license compliance issues, and potential security risks early in the development lifecycle.

Mend's scanning capabilities improve the security of RPort in several key ways:

  1. Early Detection of Vulnerabilities: Mend's scans identify vulnerabilities in code and dependencies early in the development process, before they are deployed to production. This allows developers to fix vulnerabilities quickly and easily, reducing the risk of security breaches.

  2. Improved Developer Productivity: By shifting security left, Mend helps RPort to integrate security into the development process, making it mandatory for developers to write secure code. This reduces the time and effort required to remediate vulnerabilities later in the development lifecycle.

  3. Automated Remediation: Mend automatically generates patches for many vulnerabilities, making it easy for developers to fix them without manually searching for and applying patches. This saves time and effort, and it helps to ensure that vulnerabilities are fixed promptly.

  4. Reduced Risk of Security Breaches: By identifying and fixing vulnerabilities early, Mend reduces the risk of security breaches. This protects sensitive data and protects the reputation of the organization.

  5. Compliance with Regulations: Mend complies with various software security and licensing regulations, such as the Payment Card Industry Data Security Standard (PCI DSS) and the General Data Protection Regulation (GDPR).

Last updated