Networking and connectivity Frequently Asked Questions on the SendPro MailCenter 1000, 2000, and 3000
- What OS does this device run?
- What controls are in place to protect this device against network-based malware (viruses/worms) threats?
- Does it have a firewall?
- Who controls the firewall rules?
- How are the firewall rules configured?
- What is the security patch process?
- What anti-virus controls does SendPro MailCenter use?
- What is the software update process, and how often does this occur?
- What is the network traffic flow to and from the SendPro MailCenter system? What firewall rules need to be in place to allow the necessary communication?
- Can you identify suspicious activity affecting SendPro MailCenter?
- What are the access controls in place to secure SendPro MailCenter?
- How do you authenticate an individual? A service?
- Are there audit trails in place?
- Is data stored on the device?
- What controls protect the data?
- Does the SendPro MailCenter allow remote administration?
SUSE Linux Sled 11.
What controls are in place to protect this device against network-based malware (viruses/worms) threats?
Controls include:
- White list of URL’s.
- HTTPS.
- Anti Virus Software.
- Only executes services needed to perform activities.
- OS distribution has been optimized and locked down.
Yes.
Who controls the firewall rules?
Pre-configured and not modifiable.
How are the firewall rules configured?
Allow only the ports HTTP, HTTPS and DNS.
What is the security patch process?
SendPro MailCenter security patches are applied by emergency updates via Pitney Bowes only, and on a regular schedule through Pitney Bowes services.
What anti-virus controls does SendPro MailCenter use?
ClamAv is installed on every system. AV signature updates regularly updated.
What is the software update process, and how often does this occur?
As required, in some cases monthly.
What is the network traffic flow to and from the SendPro MailCenter system? What firewall rules need to be in place to allow the necessary communication?
- Outgoing contact initiated (no push) utilizing HTTPS, URLs provided by Pitney Bowes services.
- Outgoing - transactional data.
- Incoming is both transactional data and files and Web Services.
Can you identify suspicious activity affecting SendPro MailCenter?
Yes. An audit process exists to validate the financial integrity of the system. Error logs are available and can be uploaded to the Pitney Bowes Data Center.
- Regularly scheduled physical visits from Pitney Bowes Service.
What are the access controls in place to secure SendPro MailCenter?
The application access is managed by the customer using User IDs and passwords. Unique, cryptographically strong passwords for each machine restricts access to the operating system.
How do you authenticate an individual? A service?
The application access is managed by the customer using User IDs and passwords. The SendPro MailCenter does not provide services over a network so authentication is not required.
Are there audit trails in place?
Yes. PSD transactional audits, extensive logs all financial transactions are audited by the Pitney Bowes infrastructure. The SendPro MailCenter logs all error conditions, and maintains ink usage logs, print usage logs, etc.
Yes. The SendPro MailCenter stores transactional data, graphic images, customer profiles and settings, files (rates, etc.).
What controls protect the data?
All files and data interface utilizing HTTPS. Incoming data and files are signed and verified prior to use. If consumed by the printer, it is verified on each use. If used by the application, it is verified on load.
Does the SendPro MailCenter allow remote administration?
Pitney Bowes will use TeamViewer to troubleshoot system problems remotely. The end user will initiate the session using a special code.
UPDATED: 15 April 2024