Laserfiche WebLink
SOLICITATION # CH16012 <br />FireEye <br />High-level architecture diagrams following industry best practices utilizing both virtual and physical <br />controls are available and contained in the SOC 2 report. <br />VirtueStream <br />Virtustream utilized a virtual local area network (VLAN) and virtual route forwarding (VRF) to <br />logically segregate all customers in the IaaS environment. Every customer chooses their own IP <br />Address range, as there is no ability to overlap IP Addresses between customers. In addition, <br />every customer is logically separated with Firewall Context with their own rule, where by default <br />everything is denied except specific rule. <br />8.6.10 Provide Security Technical Reference Architectures that support Infrastructure as a Service (laaS), <br />Software as a Service (SaaS) & Platform as a Service (PaaS). <br />CA <br />APM <br />Only SaaS is provided, network diagram can be provided upon signing NDA <br />MAA <br />Only SaaS is provided, network diagram can be provided upon signing NDA <br />CAAgile <br />These can be provided when a NDA is in place. <br />ASM <br />Only SaaS is provided, network diagram can be provided upon signing NDA <br />Salesforce <br />Salesforce offers market leading PaaS and market leading SaaS solutions. Salesforce does not <br />provide IaaS as a direct service offering to our customers, it is an underlying part of our PaaS and <br />SaaS offerings. <br />The Salesforce Platform is built for cloud computing, with multitenancy inherent in its design. To <br />meet the high demands of its large user population, Force.com's foundation is a metadata-driven <br />software architecture that enables multi -tenant applications. <br />Force.com combines several different persistence technologies, including a custom -designed <br />relational database schema, which are innately designed for clouds and multitenancy—no <br />virtualization required. <br />Force.com's core technology uses a runtime engine that materializes all application data from <br />metadata—data about the data itself. In Force.com's well-defined metadata-driven architecture, <br />there is a clear separation of the compiled runtime database engine (kernel), tenant data, and the <br />metadata that describes each application. These distinct boundaries make it possible to <br />independently update the system kernel and tenant -specific applications and schemas, with virtually <br />no risk of one affecting the others. <br />Every logical database object that Force.com exposes is internally managed using metadata. <br />Objects, (tables in traditional relational database parlance), fields, stored procedures, and database <br />triggers are all abstract constructs that exist merely as metadata in Force.com's Universal Data <br />Dictionary (UDD). For example, when you define a new application object or write some procedural <br />code, Force.com does not create an actual table in a database or compile any code. Instead, <br />Force.com simply stores metadata that the system's engine can use to generate the virtual <br />application components at runtime. When you need to modify or customize something about the <br />application schema, like modify an existing field in an object, all that's required is a simple non - <br />blocking update to the corresponding metadata. <br />Because metadata is a key ingredient of Force.com applications, the system's runtime engine must <br />optimize access to metadata; otherwise, frequent metadata access would prevent the service from <br />scaling. With this potential bottleneck in mind, Force.com uses massive and sophisticated metadata <br />caches to maintain the most recently used metadata in memory, avoid performance -sapping disk <br />1/0 and code recompilations, and improve application response times. <br />carahsoft 89 carahsoft <br />