Results 1 to 4 of 4

Thread: Firewall Rules Needed

  1. #1

    Question Firewall Rules Needed

    What domains and ports are required to allow viivO to run in a secure environment? IE: build firewall rules to support viivO

    My machine blocks all outbound traffic unless explicitly approved (allowed). After running viivO for two (2) days I've recored requests to the following addresses:

    vcs.viivo.com - port 443 -and- vcsapps-980660578.us-east-1.elb.amazonaws.com - port 80

    The first, easy. The second not so - why do I need to allow unencrypted traffic to vcsapps hosted at amazonaws.com?

  2. #2
    Viivo Staff
    Join Date
    Apr 2013
    Posts
    565
    vcsapps-980660578.us-east-1.elb.amazonaws.com is vcs.viivo.com

    The SSL traffic is the server and the client communicating metadata, the un-encrypted traffic (to port 80) is the machine "etag" check. The device asks the server every 30 seconds (might be 60) if there are updates it needs to download. It does this by checking the etag. If the etag (just a number) is higher than what the device knows, it triggers a sync (which is done ssl on 443)

  3. #3
    I'm currently evaluating Viivo for personal use. With my tinfoil hat on, several aspects of Viivo concern me, and I have to find answers to them. This is one of them -- where else does Viivo dial? Dialing home to check for updates makes complete sense, but every 30 or 60 seconds? Seems overly excessive. Does the client REALLY change that often? I understand as the product is young updates may come more often than a few year old product, but that update check policy seems a little short sighted. Makes me worried about other policies I might find surreptitiously.

  4. #4
    Viivo Staff
    Join Date
    Apr 2013
    Posts
    565
    The dial home every 60 seconds is to check if there are new metadata objects for your account. If someone creates a Viivo encrypted file and sends you the file, if you want to be able to decrypt it seamlessly, you need to have keys for it. This is also how devices that you own learn about actions from your other devices. If you create a locker in Dropbox.com account, Dropbox syncs the files up immediately to the cloud, and down to all other computers you own with the sync tool installed. For Viivo to work without a lot of manual intervention, you need you 2nd, 3rd, 4th, etc. devices to learn that those .viivo files are encrypted with Viivo keys you own, and actually have the private keys to decrypt.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •