Overview

The FenixPyre On-Prem Secure Sharing Service provides organizations with a robust solution for secure file sharing and storage within their internal network. Designed to meet CMMC (Cybersecurity Maturity Model Certification) standards, it ensures the protection of Controlled Unclassified Information (CUI) by encrypting all data transfers and implementing strict access controls. This guarantees that sensitive data remains securely within the organization's network at all times.

Why does the customer need to install this service?

Organizations that handle sensitive information must comply with CMMC standards to ensure the security and confidentiality of their data. This service provides a secure way to store, share, and access files within an organization while meeting compliance requirements.

Architecture Overview

Below is a simple architecture of the service:

CMMC and FIPS Compliance

The FenixPyre On-Prem Secure Sharing Service uses FIPS validated OpenSSL 3.0.9 for all cryptographic operations, supporting your CMMC compliance efforts. To maintain full FIPS compliance, ensure that the host VM running the On-Prem Sharing Service is configured to operate in FIPS mode and uses FIPS-certified cryptographic libraries. The MinIO VM does not require FIPS mode.

Services to be deployed

FenixPyre On-Prem Sharing Service

The FenixPyre On-Prem Sharing Service is the core component enabling secure file sharing. Designed to operate within a virtual machine (VM) in your network, it bridges communication between the FenixPyre Windows Agents and the FenixPyre Sharing Platform hosted on our servers.

This service currently supports secure file sharing with specific users, allowing them to decrypt and download shared files while maintaining stringent security measures.

Key Features

Private APIs
- These APIs facilitate communication between the FenixPyre Windows Agents within your network.
- Default Port: 8080 (configurable).
- Secured using mutual TLS (mTLS) authentication.
- Must remain accessible only within your internal network.
Public APIs
- These APIs are used by external recipients of shared links.
- Port: 443
- Must be publicly exposed to the internet.
- Secured using HMAC and additional authentication techniques.

MinIO Service

MinIO is an open-source, high-performance distributed object storage system. It is utilized for securely storing Controlled Unclassified Information (CUI) files within your network, ensuring compliance and robust data security.

PostgreSQL

PostgreSQL serves as the database backend for the FenixPyre On-Prem Sharing Service. It stores critical file metadata required for the seamless operation of the service, ensuring fast and reliable access to necessary information.

Setup

PreviousOn-Prem Secure Sharing Solution NextSharePoint

Last updated 1 month ago

Was this helpful?