Presale questions regarding security
Hello,
I dont know if this is the correct subforum, but please move it to the correct one.
We are a team of people providing outsourcing to our customers, we´d like to centralize our management using RDM. So far we tried your product, and it really offers what we want. We opted using MSFT SQL server as our backend. Using the trial we created a hierarchy that would suit our needs (customers, server, sites, sessions, etc.).
1) we are able to access RDM SQL server database from the internet by exposing SQL server ports to the net, your desktop client works really fine with this (encrypted connection), however we were unable to connect using the mobile client - is this done on purpose? Or is this feature planned? https://technet.microsoft.com/en-us/library/ms189067(v=sql.105).aspx
2) is data source somehow encrypted? That means if it gets stolen, remounted elsewhere, how can we protect the data?
3) is the communication from clients to SQL database somehow encrypted? Is it possible to do MITM attacks on your product? How are data transfered?
4) What is the security provider option for? (ok i´ve read the help article) It mentions XML, what kind of XML and what is this XML used for?
5) what kind of security provider your mobile app supports?
6) if we buy 3 year U&M plan - does this mean we have upgrades for 3 years? What happens after 3 years? I see the checkbox for existing customers, is it possible to only buy 3 year U&M plan again? Or do we have to buy 3 product licenses again with 3 year U&M plan?
Thank you for your answers,
Alex :)
All Comments (6)
Hello,
Maurice
Hello,
For your question about SSL on mobile devices with SQL Server data source, this is not supported. We use Mono (http://www.mono-project.com) in RDM iOS and RDM Android and this application doesn't support SSL on a SQL Server data source.
If you want to use SSL for all your devices, you would need to use Devolutions Server as your data source - https://server.devolutions.net/
Best regards,
Jeff Dagenais
First of all, thank you both for your answers.
As for 1) cant you implement your solution with MSFT released library? https://www.nuget.org/packages/System.Data.SqlClient/ . I think connection to the SQL server would be better implemented using IPsec VPN on our side (as a temporary solution), but since encryption is enforced for example in Azure, it would broaden the possibilities of your client, even on macOS (where I think you also implement Mono provider).
2) does this mean that with SSL on SQL server enabled, and Security provider encrytion, the data will be encrypted twice?
6) one month term is ok, but that doesn´t answer the question regarding if we have to buy product licenses again with U&M plan, or just the U&M plan alone, because your web calculator shows 0$ without any product selected.
Additional question - is it possible to buy from EU? Without VAT?
Thank you.
Hello,
1) I will ask engineering to respond
2) SSL is transport level encryption, whereas the security provider is for storage. Different goals.
6) no need to buy new licences if you keep the maintenance plan active
7) You can choose one of our multiple resellers in EU to help you with that. Find a Reseller
Maurice
Hi,
Unfortunately, this library doesn't support mono projects. We have already tried it.
Best regards
Mathieu Morrissette
We´ll solve this via VPN (IPsec) then, thank you all for your support :)