Contact Us
Contact Us

Secure Your Data with FlexClient

Advanced encryption for safe communication

Home

>

Technologies

>

FlexClient-Server Communication Security Model | Technologies

Overview

The FlexClient-Server Model uses FlexSystem’s proprietary encryption and compression technology to create a secure channel for data transfer that resists eavesdropping and tampering.

Key Features

Open Standard Support

Ensure confidentiality of data transferred over the network and allow connections optionally encrypted on the FESA application server, supporting server certificates for client verification

Architecture on Applying Secure Connection on
FESA Application Server

Secure Connections

When enabled, data transfers utilize a secure connection. The process begins with a client request for key exchange, where both parties perform an asymmetric encryption-based key exchange to securely establish a session key for symmetric encryption.

Key Exchange

To establish a secure connection:
1. The client encrypts a randomly generated pre-master-secret using a 1024-bit or 2048-bit RSA algorithm and sends it to the server.
2. The server derives the session key from this pre-master-secret, ensuring that the session key is cryptographically secure and valid only for that session.

Connection Encryption

Once the session key is established, the connection is encrypted using either:
• 256-bit Advanced Encryption Standard (AES)
• 192-bit Triple DES (3DES)

Specifying a Symmetric Algorithm

The default is AES 256-bit, but it can be overridden based on server configuration.

Server Certificate

The application server can install an X.509 certificate to authenticate its identity to client devices. This certificate includes a public key for secure session key exchange.

Preparation and Applying Server Certificate

To apply a server certificate, you need to submit a Certificate Signing Request (CSR) to your Certification Authority (CA) (e.g. VeriSign, Thawte or even your own CA) to sign the certificate.

Pros & Cons on Different Security Settings

Security Settings Pros Cons
Proprietary Secure Channel
  • Fast
  • Lightweight
  • Proprietary Encryption Model
  • Non-open Standard

Secure Channel without Digital Certificate
  • High Security
  • Open Standard Model
  • AES 256-bit or 3-DES 192-bit available
  • Slower than Proprietary Secure Model
  • More Network Traffic than Proprietary Secure Model

Secure Channel with Digital Certificate
  • Highest Security
  • Open Standard Model with Cert
  • AES 256-bit or 3-DES 192-bit available
  • Certificate Signing Request (CSR) to Certification Authority (CA) required

Schedule a Free Consultation

What Happens Next?

1
We schedule a call at your convenience
arrow down
2
We do a discovery and consulting meeting
arrow down
3
We prepare a customized proposal

We’re happy to answer any questions you may have and help you determine which of our services best fit your needs.

Call Us: (852) 2967 9020