When a customer signs up for On Demand, they select the Microsoft Azure region in which to run their On Demand organization. All computation is performed in and all data is stored in the selected region. The currently supported regions are the United States, Canada, European Union, United Kingdom, and Australia. Other regions may be added over time. For the most up-to-date information, see .
Windows Azure Storage, including the Blobs, Tables and Queues storage structures, by default are replicated three times in the same datacenter for resiliency against hardware failure. The data is replicated across different fault domains to increase availability. All replication datacenters reside within the geographic boundaries of the selected region.
When a Microsoft Global Administrator adds a tenant to On Demand, they must grant admin consent for a set of permissions. The basic permission setting for all modules is Directory.ReadAll. On Demand modules require additional permissions depending on the tasks performed.
Any user that signs into On Demand and adds a tenant can view basic License Management data for their tenant. With a trial or paid subscription to License Management, users have access to additional license data and features. The On Demand License Management module requires admin consent for the Reports.Read.All permission setting in order to read product usage reports.
All network communications are executed using HTTPS. Compute nodes are enforced to use TLS 1.2 and don’t support fallback to previous versions. All other protocols such as http, ftp, ftps, msdeploy, and msvsmon are explicitly disabled. All ports are explicitly disabled.
For authentication, all communication between a customer browser and the Quest Identity Broker is secured using HTTPS. The browser securely stores the session access and refresh tokens and transmits the access token to the On Demand application using HTTPS when making authenticated REST calls. For further details see the On Demand Core and Notification Service Security Guide.
For information on user authentication, see the On Demand Core and Notification Service Security Guide.
On Demand License Management does not store any credentials in configuration files or database tables. All communication with the database is based on System Managed Identities. Database connection strings never include credentials and use Azure AD Authentication only.
© 2022 Quest Software Inc. ALL RIGHTS RESERVED. Feedback 利用規約 プライバシー