Ammyy Admin Security White Paper
Ammyy Admin provides strong end-to-end data security solutions that protect data confidentiality.
Scope and audience
This guide is for Ammyy Inc. customers and those who need to understand how Ammyy Admin impacts information security risk and compliance in their environment. This document solely addresses the Ammyy Admin product.
Introduction
Ammyy Admin is multitask software that allows IT and support professionals to provide remote support to computers and servers as well as to organize on-line meetings for collaborative or educational purposes. Ammyy Admin allows a support representative to view and control an end user's Windows-based PC remotely.
This document focuses on the information security features of Ammyy Admin. The reader is assumed to have a basic understanding of the product and its features. Additional materials on Ammyy Admin can be found online at www.ammyy.com or by contacting an Ammyy Inc. representative.
Definitions
Operator – a PC from which a support provider representative connects to a client's remote PC and controls it in order to deliver tech support or for other purposes.
Client – a PC to which a remote computer (Operator) connects.
ID – a unique identification number of a PC in the Ammyy World Wide Network. The ID is generated automatically based on the hardware characteristics of the PC.
Authentication – the act of confirming a user's right to connect to a remote PC.
NAT (network address translation) – a process of modifying IP address information in IP packet headers while in transit across a traffic routing device.
Ammyy router – an intermediary element of distributed servers used to realize communication services between Operators and Clients.
There are 2 types of Ammyy routers:
1) Public – organized by Ammyy and accessible to any customer by default.
2) Private – organized by a customer on customer premises.
Authentication
Hardware ID
Ammyy Admin generates a unique ID and binds it to the PC on which it runs. This ID is based on the PC hardware configuration and is generated only once, which makes this key a unique PC identifier that is impossible to imitate or fake.
Connection accept
Ammyy Admin supports a multilevel authentication system that provides secure access to a remote PC:
1) Manual connection accept – the Client PC shows a popup dialog box notifying the user of the connection request, and the user manually accepts or rejects the connection.
2) Accept by hardware ID – the Client grants access to predefined Operators without the need to manually accept the remote connection each time the remote side attempts to start a session.
3) Accept by password – connection to a Client is possible only by password.
4) Accept by hardware ID and by password – a combination of 2 and 3. The Client sets up the allowed Operators' hardware IDs and assigns a password. This type of authentication is considered to be the most secure.
Operator lockout
After 3 consecutive failed log-in attempts, the Operator is temporarily blocked (for 30 seconds) from connection attempts. After the lockout period expires, the Operator will be able to connect again.
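The accept modes and the lockout rule described above can be modelled as follows. This is an added illustration, not Ammyy Admin code; the ClientPolicy class, its method names, the sample IDs and password, and keying the lockout on the Operator ID are assumptions.

```python
import hmac
from dataclasses import dataclass, field

MAX_FAILURES = 3       # consecutive failures before lockout (from the paper)
LOCKOUT_SECONDS = 30   # lockout duration (from the paper)

@dataclass
class ClientPolicy:
    """Hypothetical model of a Client's accept settings; not Ammyy's code."""
    allowed_ids: set = field(default_factory=set)  # empty = no ID restriction
    password: str = ""                             # empty = no password check
    _failures: dict = field(default_factory=dict)  # operator_id -> consecutive failures
    _locked_until: dict = field(default_factory=dict)

    def check(self, operator_id, password, now):
        """Return 'locked', 'denied', 'accepted' or 'prompt' (manual accept)."""
        if now < self._locked_until.get(operator_id, 0.0):
            return "locked"            # attempts during lockout are not evaluated
        if not self.allowed_ids and not self.password:
            return "prompt"            # mode 1: user decides in the popup dialog
        id_ok = not self.allowed_ids or operator_id in self.allowed_ids
        # Constant-time comparison avoids leaking the password via timing.
        pw_ok = not self.password or hmac.compare_digest(
            password.encode(), self.password.encode())
        if id_ok and pw_ok:
            self._failures.pop(operator_id, None)   # success resets the counter
            return "accepted"
        count = self._failures.get(operator_id, 0) + 1
        self._failures[operator_id] = count
        if count >= MAX_FAILURES:
            self._locked_until[operator_id] = now + LOCKOUT_SECONDS
            self._failures[operator_id] = 0
        return "denied"

def demo():
    """Constructed scenario: mode 4 (hardware ID and password), times in seconds."""
    policy = ClientPolicy(allowed_ids={"1001"}, password="s3cret")
    results = [policy.check("1001", "wrong", t) for t in (0, 1, 2)]
    results.append(policy.check("1001", "s3cret", 10))   # correct, but locked
    results.append(policy.check("1001", "s3cret", 32))   # lockout expired
    results.append(policy.check("2002", "s3cret", 33))   # ID not in allow list
    return results
```

In the constructed scenario, the correct password is still refused while the 30-second lockout is active, and an Operator whose ID is not on the allow list is denied even with the right password.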
Protection of customer computer and data
An essential part of Ammyy Admin security is its permission-based access control model for protecting access to the customer's computer and the data contained therein. Before an Operator gains access to a remote PC, the Client sets permissions for this particular Operator. For example, one can limit Operator access to "view screen only", block the file manager, or grant full access to the PC.
Secure unattended administration
The unattended server administration feature allows connection to a remote PC even if there is no person at the Client PC to participate in the Ammyy Admin session. Unattended administration can be set up by installing Ammyy Admin as a service on the Client PC and adding access permissions for certain Operator IDs. A more detailed guide to unattended administration can be found at http://www.ammyy.com/en/admin_unattended.html
Communications security features
Communication between participants in an Ammyy Admin session occurs via an overlay multicast networking stack that logically sits on top of the conventional TCP/IP stack within each user's computer. The communications architecture is summarized in the figure below. Ammyy Admin session participants ("endpoints") communicate with Ammyy Inc. infrastructure communication servers and gateways using outbound TCP connections on ports 80, 443 or 8080, depending on availability. Ammyy Admin allows communication through an HTTPS proxy with SSL encryption if necessary. Because Ammyy Admin is a hosted service, participants can be located anywhere on the Internet: at a remote office, at home, at a business centre or connected to another company's network.
Communications confidentiality and integrity
Ammyy Admin provides data security measures that address attacks against data integrity and confidentiality. All Ammyy Admin connections are encrypted and access to the Client PC is possible only for authorized Operators. Display data, keyboard/mouse control data, transferred files and voice are always transmitted in encrypted form. The Ammyy Admin session encryption key is not kept on Ammyy Inc. servers in any form and cannot be discovered or derived by Ammyy Inc. servers or personnel. Thus, breaking into a server cannot reveal the key for any encrypted stream that the intruder may have captured.
Figure 1: Ammyy Admin Remote Support Technology Architecture
Encryption
Ammyy Admin data encryption is primarily based on 1024-bit RSA and 256-bit AES standards, which are used to protect all communication between session participants. New session keys are generated for each session by the endpoints and are never known to Ammyy Inc. or its systems. Communication servers only route encrypted packets and do not have the session encryption key. This technology is based on the same standards as HTTPS/SSL and is considered completely safe by today's standards.
Because Ammyy Admin uses very strong, industry-standard cryptographic measures, customers can have a high degree of confidence that multicast support session data is protected against unauthorized disclosure or undetected modification. High performance and standards-based data security is a "built-in" feature of every Ammyy Admin session.
Code Signature
All files of Ammyy Admin are secured using VeriSign code signing technology. This allows you to verify the origin of the executables you have and that no one has changed them.