Chat now with support
Chat with Support

Security Guardian Current - Security Guide

Network Communications

Internal network communication within Azure includes inter-service communication between Security Guardian components and the On Demand Platform.

 

Inter-service communication uses OAuth authentication using a Quest Azure Active Directory service account with the rights to access the services. No backend services of Security Guardian can be used by end users.

 

On Demand Services accepts access to Security Guardian from the On Demand web user interface.

 

All external communication is secured with HTTPS TLS 1.2.

 

The Security Guardian user interface uses OAuth authentication with a JWT token, issued to a logged in user.

Authentication of Users

The customer logs in to the application by providing On Demand user account credentials.

 

For more information about user authentication, please refer to the Quest On Demand Global Settings

Security Guide.

Role Based Access Control

Quest On Demand is configured with default roles that cannot be edited or deleted and allows you to add custom roles to make permissions more granular. Each access control role has a specific set of permissions that determines what tasks a user assigned to the role can perform. For more information on role-based access control, please refer to the Quest On Demand product documentation.

FIPS 140-2 Compliance

Security Guardian cryptographic usage is based on Azure FIPS 140-2 compliant cryptographic functions. For more information, see Microsoft-us/azure/storage/blobs/security-recommendations.

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating