Online Security

Multi-Layer Security Model

Nefsis uses several techniques to protect your online meetings. Nefsis servers are located in secure facilities with restricted physical access. When enabled, SSL encryption provides transmission security, defeating eavesdroppers and packet sniffers.

Online Meeting Passwords & Host Controls

Online meeting hosts can select conference passwords, which are required for conference room entry. In addition to password authentication and other technical measures, conference hosts can play video, and personally check every meeting attendee. The host can expel anyone, at anytime

 Signed Code & Certificates

The Nefsis online service uses signed code with a third-party certificate provided by VeriSign. VeriSign is a leading certificate authority and world-renowned provider of trusted Internet services.

 End-to-End Encryption

 When the meeting host selects SSL/TLS Security, Nefsis uses encrypted connections from end-to-end, including all participants and the conferencing server. In addition, Nefsis sends all conference data over one secured TCP/IP connection, ensuring that all data from all features — live data sharing, presentations, voice over the Internet (VoIP), and video — are all sent over the same encrypted connection. 

 IT Security Policy, Firewall & Proxy Compliance

Nefsis uses standard ports 80 and 443 for web services, and provides proxy and firewall traversal in conformance with IT security policies. All Nefsis conference connections are initiated by the conference user, and pass out through their firewall. Nefsis does not attempt any inbound connections. Nefsis conferencing operates over one TCP/IP connection, via the physical, NAT and proxy routing specified by each user’s respective network. Nefsis supports all leading standards for proxy connections such as TTL values, plus many vendor specific implementations (e.g., Microsoft ISA Server) providing the highest possible connection success rates for all users.

 FIPS 140-2 Compliance

Nefsis is offered as online service, Nefsis Online, and on-premise, installable software, Nefsis Dedicated. The Nefsis Dedicated server software edition is FIPS-140-2 compliant. It provides controls for the use of your certificate, certificate authority (CA), and public key infrastructure (PKI). In addition, it provides detailed options for selecting algorithms and key lengths for signing and encryption. Nefsis makes FIPS compliance easier by providing a software-assist that highlights the configuration choices to meet FIPS 140-2 requirements such as TLS connections, strong ciphers (AES, 3DES), and SHA hashes.

 No Unattended Remote Access Features

The conference attendee must initiate all Nefsis conference connections. In scenarios where Nefsis remote control features are used — live desktop, application and region sharing — the user is always prompted with a dialog box requesting remote control. In addition, they are offered a quick keyboard bailout hot key that appears on their screen during the entire remote control session. Nefsis was designed for live conferencing; there are no unattended remote access or remote control features.