Networking and connectivity Frequently Asked Questions for the Connect+ Series, SendPro P
- What OS does this device run?
- What controls are in place to protect this device against network-based malware (viruses/worms) threats?
- Does it have a firewall?
- Who controls the firewall rules?
- How are the firewall rules configured?
- What is the security patch process?
- What anti-virus controls does Connect+ Series, SendPro P use?
- What is the software update process, and how often does this occur?
- What is the network traffic flow to and from the Connect+ Series, SendPro P system? What firewall rules need to be in place to allow the necessary communication?
- Can you identify suspicious activity affecting Connect+ Series, SendPro P?
- What are the access controls in place to secure Connect+ Series, SendPro P?
- How do you authenticate an individual? A service?
- Are there audit trails in place?
- Is data stored on the device?
- What controls protect the data?
- Does the Connect+ Series, SendPro P allow remote administration?
SUSE Linux Sled 11.
- White list of URL’s.
- Anti Virus Software.
- Only executes services needed to perform activities.
- OS distribution has been optimized and locked down.
Pre-configured and not modifiable.
Allow only the ports HTTP, HTTPS and DNS.
Connect+ Series, SendPro P security patches are applied by emergency updates via Pitney Bowes only, and on a regular schedule through Pitney Bowes services.
ClamAv is installed on every system. AV signature updates regularly updated.
As required, in some cases monthly.
- Outgoing contact initiated (no push) utilizing HTTPS, URLs provided by Pitney Bowes services.
- Outgoing - transactional data.
- Incoming is both transactional data and files and Web Services.
Yes. An audit process exists to validate the financial integrity of the system. Error logs are available and can be uploaded to the Pitney Bowes Data Center.
- Regularly scheduled physical visits from Pitney Bowes Service.
The application access is managed by the customer using User IDs and passwords. Unique, cryptographically strong passwords for each machine restricts access to the operating system.
The application access is managed by the customer using User IDs and passwords. The Connect+ Series, SendPro P does not provide services over a network so authentication not required.
Yes. PSD transactional audits, extensive logs all financial transactions are audited by the Pitney Bowes infrastructure. The Connect+ Series, SendPro P logs all error conditions, and maintains ink usage logs, print usage logs, etc.
Yes. The Connect+ Series, SendPro P stores transactional data, graphic images, customer profiles and settings, files (rates, etc.).
All files and data interface utilizing HTTPS. Incoming data and files are signed and verified prior to use. If consumed by the printer, it is verified on each use. If used by the application, it is verified on load.
Pitney Bowes will use TeamViewer to troubleshoot system problems remotely. The end user will initiate the session using a special code.
UPDATED: June 20, 2022