Sustainability

Intel® Tiber™ App-Level Optimization Security Overview

Intel Tiber App-Level Optimization is listed in the AWS, Google Cloud, Microsoft Azure, Databricks and Red Hat marketplaces and meets the stringent security standards required to be an Intel company.

Our Security Commitment

Security

Intel Tiber App-Level Optimization is built with security in mind and undergoes ongoing rigorous security testing

Privacy

Intel Tiber App-Level Optimization offers best-in-class data protection and settings that protect your infrastructure data

Compliance

Intel Tiber App-Level Optimization’s policies and products are compliant with GDPR privacy regulations

Commitment To The Highest Security Standards

Secure Operations

Intel Tiber App-Level Optimization adheres to carefully controlled workflows that ensure that all business is executed based on established security guidelines. These workflows include carefully structured reporting lines, data access controls, segregation of duties, security monitoring, and internal audits.

Intel Tiber App-Level Optimization security policies are designed to adhere to the strict guidelines set by Intel Corporation and internationally recognized security standards- SOC 2 Type II, ISO 27001 and HIPAA

Secure Software Architecture

Intel Tiber App-Level Optimization architecture is designed around the goals of redundancy, security, and “always on” availability.

Our security design relies on industry best practices such as encrypted transmissions, cross-site scripting prevention, firewalls, regular security updates and security assessments to ensure the security of your data. Auditing, access restrictions and secure decommissioning of data storage complement the design.

Secure Data Centers

All performance data that are collected on the customer side are securely transmitted to our servers in the cloud and processed behind firewalls. Intel Tiber App-Level Optimization runs on the Amazon Web Services (AWS) cloud-computing service and benefits from Amazon’s secure, world-class data centers, which are certified for ISO 27001, PCI-DSS Level 1, and SOC 1 / SSAE-16.

Security Measures

Data Hosting & Storage

Intel Tiber App-Level Optimization runs in the Amazon cloud (AWS) cloud infrastructure. AWS security measures provide a high degree of data protection. AWS guarantees physical access controls, hypervisor protection, and secure decommissioning of instance data.

Incident Response

We continuously monitor the security of our hosting environment. In case of security incidents, we thoroughly evaluate detected problems and the underlying root causes as described in our Incident Response Policy.

Permission & Authentication

Direct access to AWS services by our employees is carefully regulated based on multi-factor authentication. Permissions are granted on a “need based access” policy following a thorough approval process.

Monitoring

All systems we run are subject to permanent health and security monitoring.

Training & Awareness

All Intel Tiber App-Level Optimization employees undergo annual security-awareness training.

Failover & Backups

For high availability purposes we leverage AWS standards, best practices and failover solutions.

Security Testing

The attack surfaces of our services are minimized based on automated vulnerability scans, regularly conducted internal security assessments.

Data Collected

Intel Tiber App-Level Optimization Agent Collects Resources Data

Data Storage

Intel Tiber App-Level Optimization offers two different types of deployment models: SaaS and On-Prem.

SaaS – Data is stored in AWS data centers.

On-Prem, your monitoring data remains in your own data center.

Data Transit

All data exchanged between Intel Tiber App-Level Optimization sAgent and Intel Tiber App-Level Optimization Cluster is encrypted in transit.

Data is sent using proprietary encrypted binary protocol.

Intel Tiber App-Level Optimization SaaS uses TLS 1.3 (SSL Labs Grade A+).

Data Encryption At Rest

Intel Tiber App-Level Optimization SaaS uses AWS storage with AES 256 encryption.

Encryption keys are managed by Intel Tiber App-Level Optimization using AWS Key Management Service (KMS).

Managed customers must configure their own hard disk encryption and manage encryption keys on their own.

  • Communication Exchange
  • Security Certifications
  • Data Protection
  • Performance Reliability

Communication Exchange

Secure Communication Between Intel Tiber App-Level Optimization Components

The Intel Tiber App-Level Optimization sAgent communicates with the gCenter

All communication between the sAgent and gCenter encrypted

Intel Tiber App-Level Optimization isn’t able to initiate a connection to the customer’s cluster

Types Of Communication

Installation – Account Name, License Name, Installation Flags

Agent Registration – License Key, Service ID

Intel Tiber App-Level Optimization License – License Status, Service ID, License Key, License Details, License Model

Health Check – Service ID, Time Zone, Traffic Size, Update Window, Performance Data

Metrics – Service ID, Monitoring Timeframes, Success & Failure Alerts, Performance Data

Heartbeat – Service ID, Node ID, Source Information

Updates – Service Updates, Version, Description, Download URL

Security Certifications

Intel Tiber App-Level Optimization services and data is hosted in Amazon Web Services (AWS) facilities.

The services and facilities of AWS are certified against international standards:

  • ISO 27001 (Information Security Management System)
  • ISO 27017 (Cloud Services Security)
  • ISO 27018 (Personal Data Protection)

Intel Tiber App-Level Optimization services are designed to adhere to internationally recognized security standards – SOC 2 Type II, and HIPAA.

Intel Tiber App-Level Optimization is GDPR compliant.

Data Protection

Access Control

  • Our customers individually control access to the data that Intel Tiber App-Level Optimization has access to.

Monitoring & Audit Logging

  • All systems operated by Intel Tiber App-Level Optimization are subject to health and security monitoring, logging audit, and automated analysis of system logs.

Data Encryption

  • All electronic communication sent to and from Intel Tiber App-Level Optimization over HTTPS relies on TLS encryption on the relevant ports.
  • sAgent encrypts all data before they are sent to Intel Tiber App-Level Optimization Server.
  • Metric and transaction data is encrypted even while at rest, and each customer’s data is programmatically partitioned from the data of other customers.

Data Retention

  • Intel Tiber App-Level Optimization stores and retains different types of monitored data from your environments (see section ‘Data Collected’ for relevant monitored data).
  • The monitoring data is stored on the Intel Tiber App-Level Optimization Server for a retention period of 2 weeks, billing data and anonymized aggregations of data are stored for a longer period of time.

Performance Reliability

Business Continuity and High Availability

Intel Tiber App-Level Optimization sAgent is designed to ensure 99.99999% availability SLA of the customer’s infrastructure.

Intel Tiber App-Level Optimization leverages AWS fail-over mechanisms to ensure high availability of all services.

Intel Tiber App-Level Optimization optimization agents are completely autonomous and will continue to work properly even without network connection to the server.

Performance Improvements Guaranteed

Intel Tiber App-Level Optimization’s sAgent is built with internal high performance gain failsafe mechanisms to prevent performance degradation.

The sAgent holds a performance gain threshold of 65% improvement, below this threshold the agent starts to automatically relearn for a 20 second timeframe to rise above the gain threshold.

Following 3 consecutive failures to return to the 65% threshold, an alert is raised and the agents can be configured to deactivate automatically.

Infrastructure Monitoring

Intel Tiber App-Level Optimization constantly monitors the availability, performance, and security of all SaaS clusters.

If a problem is detected, the Intel Tiber App-Level Optimization support team is notified immediately.

On-Prems deployment customers can also choose to monitor by sending regular health checks to Intel Tiber App-Level Optimization gCenter

Rolling Updates & Hot Fixes

Using a fully automated CI/CD pipeline, Intel Tiber App-Level Optimization is able to roll out updates and hot fixes within a few minutes.

The Intel Tiber App-Level Optimization architecture allows for zero-downtime upgrades of clusters and agents.

Updates of Intel Tiber App-Level Optimization’s sAgent and gCenter can be done both manually and automatically.