Disclaimer, this is not a legal document, it is a design summary document written by engineers. We will try our best to keep this as up-to-date as possible.
If you have questions or want to know more, please email help@firewalla.com and we will add your question to the FAQ section.
(draft/beta document)
Firewalla MSP is a Managed Security Portal designed for security and infosec professionals to manage multiple Firewalla boxes remotely easily. You can learn more about Firewalla MSP in our Firewalla Managed Security Portal Introduction. This service is hosted at https://firewalla.net.
- MSP Containers
- Communication to MSP Containers
- Data Storage
- What Data are Stored
- How are Data Processed or Used?
MSP Containers
- All MSP instances are container-based.
- Each MSP instance will run in its Linux container, hosted in the Amazon Web Services cloud infrastructure. Linux Containers (LXC) is an operating-system-level virtualization method for running multiple isolated Linux systems (containers) on a control host using a single Linux kernel.
- Each MSP container will have its own domain and HTTPS certificate.
Communication with MSP Containers
- Communication to MSP containers from Firewalla boxes is done via HTTPS. The transferred data are encrypted and can only be decrypted by the MSP containers to which each box belongs.
- Communication to MSP containers from users is done via HTTPS to a web server hosted inside the container.
Data Storage
- All data are stored within the container.
- Each container is isolated via Linux containers. Containers can only access data stored within themselves and NOT other containers running on the same physical CPU.
What Data are Stored
- Data local to the container (encrypted at rest)
- Network flows in clear text (there is NO data content, just flow headers)
- Alarms and events
- Your Firewalla unit's configuration data
- Encryption keys for communicating with your Firewalla unit
- VPN Keys
- How long are data stored?
- Data are stored for seven days after the user cancels the service.
- Network flows are stored as indicated in your PLAN. The Firewalla MSP may store the expired flow up to 2 days beyond the plan expiring date. (this is to ensure backups and data processing have a small buffer, for example, professional plans have 30 days of storage, but the system may store up to 32 days, with only 30 days visible)
How is Data Processed or Used?
- To sort, aggregate, and report your Firewalla flows and alarms
- To push and manage configurations
- To manage services that are centrally run
- To display to users
- To enable all the features you use in the MSP portal
How is Account/Billing Processed?
- Billing is done via stripe.com
- Firewalla will store your email address and the last four digits of your credit card number
Analytics
- To help us deliver better service, we do use Google Analytics to understand user behavior and user interactions.
Customer FAQ
Would you happen to sell my data?
No
Comments
0 comments
Please sign in to leave a comment.