Action1 maintains your list of endpoints, which includes computer names, IP addresses and connection statistics. It also performs short-term caching of your endpoint data in the cloud for efficiency purposes. When you run a query, Action1 Cloud contacts your endpoints to query information, temporarily caches the query results in the cloud and then shows it to you in the web console or sends via email (for scheduled queries). After that, your endpount data is permanently deleted from Action1 Cloud. As a result, you always have up-to-date live information from your endpoints (instead of out-of-date data collected hours or even days ago). When an alert is generated, it is sent by an agent to Action1 Cloud first, and then Action1 Cloud sends it via SMTP to your email address, deleting the alert contents right afterwards. Action1 also stores some diagnostic information (see Deployment Log) for 7 days. If you want any of the above mentioned data deleted sooner than stated, please contact our technical support.
Action1 cloud servers are currently hosted with Amazon Web Services in Virginia, USA datacenter. If your organization is subject to any local data privacy regulations that restrict you from trusting the above-mentioned location, please contact technical support to discuss your requirements.
Action1 was designed to take full advantage of state-of-the-art built-in security mechanisms of Amazon Web Services and with strict internal processes that ensure the highest standards of customer data protection. For example, internally we use multi-factor authentication, data encryption and access on the need-to-know-basis, ensuring that no single person in our organization has 'keys to the kingdom' at any time. All communication between Action1 Cloud and Action1 Agents and Connector occurs via the latest revision of SSL/TLS protocol with mutual authentication and encryption that provides complete protection against evesdropping, data tampering and even man-in-the-middle attacks. The Action1 Agent and Connector distribution packages have secuity authentication information automatically embedded into them at download time (private encryption key, authentication certificate and your customer ID) and no unauthenticated or clear-text communication ever occurs. Automatic agent updates are also secure from DNS spoofing and other sofisticated attacks, because each downloaded update is verified for intergity to make sure it comes from the trusted source. To learn more about our secure architecture and internal organizational practices, please schedule a free demo and we will happily walk you through this.
Administrator credentials are used by Action1 Connector only to deploy Action1 agents on your network. Action1 Connector never sends these credentials to Action1 cloud or to your agents. If you are unable to provide administrative credentials to Action1 Connector, other deployment options are available, such as via Group Policy, manual or batch installation. Please refer to online documentation or contact technical support if you need help with this.
Both Action1 Connector and Action1 Agent use SSL/TLS secure connection over TCP port 22543 to communicate with Action1 Cloud, so you need to have this TCP port open for direct outbound connections (bypassing any proxy servers). No inbound ports need to be open, because Action1 Cloud never initiates connections to neither agents nor Connector.
Action1 was designed from the ground up as a cloud-based technology with almost unlimited scalability to support millions of endpoints. Multi-tiered architecture automatically scales as more agents are rolled out.
Action1 Agent is a tiny executable file (less than 3Mb) with a very small resource footprint. Unless alert rules are enabled, it sits idle most of the time, waiting for your queries. If alerts are enabled, it uses slightly more CPU, memory and disk resources, depending on the number of alert rules enabled and the complexity of the rules (such as filters applied to it). Generally it uses only about 10-15 Mb of disk space, 30-50 Mb of memory and occassionally consumes 1 CPU to process queries and monitor alert conditions.
Action1 uses a very efficient communication protocol that has little overhead. When using queries, the amount of bandwidth utilized depends on the query output (number of results returned). When using alerts, it generally consumes about 5Kb per alert generated (and there is a fixed number of alerts that can be generated: it's currently set to 10 alerts per rule per hour). Plus there is some overhead related to automatic agent updates, which happen from time to time. Every update is roughly 3Mb in size for each endpoint and it generally happens a few times per month as we continiously improve the functionality of the service. However the update overhead can be substantially reduced if Action1 Connector is utilized, because in this case the update is downloaded from Action1 Cloud only once and then automatically gets distributed to all the agents via the local network.
Action1 was built from the ground up without using any 3rd party products or services other than Amazon AWS. We do not host any 3rd party products on our servers and we do not utilize any 3rd party products or services. Also, as a techniology company, it's our policy to NEVER outsource any of our core technology activities, including development, Dev Ops, technical support. Everything is developed and supported by our in-house employees in California, USA.
Fair question. Yes, you can accomplish almost everything under the Sun by utilizing scripting. However in this case you have to assume all the risks and maintenance, deal with the ease of use, scalability and reliability issues. You can find almost any kind of script or utility online and use it at your own risk, running it under administrative credentials. You also have to maintain the scripts as your systems and processes evolve. Managing, interpreting and automatically analyzing data generated by scripts on a regular basis is a very tedious task that can require substabtial management framework (scheduled tasks, encrypted data storage, email alerts etc). On top of all that, add network connectivity issues (are all of your endoints online 100% of the time?) and general reliability and security of your custom system. Action1 takes care of the above mentioned issues and adds a lot of additional value via uniform data analytics capabilities and efficient real-time data processing.