Overview of FilingBox MEGA2
The FilingBox MEGA2 server works in conjunction with client programs to prevent the loss or theft of customer data, and provides a management console to oversee the FilingBox MEGA2 products.
The following diagram illustrates the overall product architecture:
Administrators
Administrators managing the FilingBox MEGA2 server are categorized into two roles: Super Administrators and General Administrators, with respective capabilities and roles as follows:
- Super Administrator
- The Super Administrator is responsible for managing FilingBox MEGA2 and its administrators through the server. They have comprehensive control over all operations of FilingBox MEGA2, including administrator management, device management, audit record review, and server configuration tasks. Super Administrator privileges should be granted to those who will be responsible for all aspects influenced by FilingBox MEGA2, and they must perform their duties in accordance with operational guidelines after appropriate training.
- General Administrator
- General Administrators can manage devices and review audit records via the server. They are appointed by the Super Administrator, who should grant General Administrator privileges to those responsible for the devices. Like Super Administrators, they must also receive appropriate training and follow operational guidelines.
Ports Used in FilingBox MEGA2 Operation
FilingBox MEGA2 uses specific ports for its operations, which are listed below along with their purposes:
Protocol: TCP
Port number / Purpose:
- 30083 / Communication between server and client
- 443 / Accessing the management console site via HTTPS
- 10099 / Command transmission for integrity checks
Note
It is crucial to remove or disable any unnecessary ports that are not required for FilingBox MEGA2 operations and ensure that permissions for crucial files and third-party software are not excessively set.
Precautions for System Use
- Physical Security: The location where FilingBox MEGA2 is installed and operated should have controlled access and security installations to ensure only authorized administrators can enter.
- Trusted Administrators: Authorized administrators must be free from malice, adequately trained on the TOE management functionalities, and must precisely follow the administrative guidelines.
- Operating System Hardening: Authorized administrators should perform hardening tasks for the operating system vulnerabilities to ensure its reliability and safety.
- Timestamps: FilingBox MEGA2 should use reliable timestamps provided by the operating environment to accurately log security-related events.
- Trusted External Servers: SMTP and OS systems that interact with FilingBox MEGA2 must maintain secure and trusted operations.
- Audit Data Storage: Ensure there is adequate storage space in the audit data repository and perform backup of audit records to prevent loss.
- DBMS: Audit data should be stored in a DBMS operating in a physically secure environment.
- Management Connection: Ensure confidentiality and integrity of the data transmitted between the administrator PC's web browser and the management server’s web environment.