For better security and data protection ServerSuit Service is going to utilize three -tier approach
ServerSuit data storage is spread among multiple nodes (Node Servers).
Access to each NS is available only via firewall protected API that limits set of IP addresses from which the servers can be accessed.
The key for reading encrypted data can be obtained only from the one of WAS (Web Application Servers).
After credentials are decoded a SSH connection is created between an NS and a managed server, and scripts that needs to be executed are transferred directly to the managed server.
Once transfer is finished the client is launched using “SYSTEM” account.
While script is running on the client's server, callback is performed periodically to provide information about scripts execution status to a WAS. Callback data contains temporary 256-bit encrypted key identifying the server and executed script as well as process information. On WAS data is decoded and the execution status on the dashboard is updated. Once it happens the key is destroyed.
All the connections to the managed servers is conducted via SSH, which provides high level of protection.
Callback work via HTTPS which uses a valid 256 bit SSL.