Skip to end of metadata
Go to start of metadata

You are viewing an old version of this content. View the current version.

Compare with Current View Version History

Version 1 Next »

To use PreVeil Express or access web.preveil.com, your system must meet specific connection requirements to ensure a secure and functional experience. Below are the key protocols, domains, and settings required to connect to PreVeil services.

1. Secure Communication Protocols

HTTPS (Hypertext Transfer Protocol Secure)

  • Required: PreVeil requires HTTPS for all interactions with the web interface.

  • Why it matters: HTTPS ensures that your connection to PreVeil is encrypted, protecting your data during transmission.

  • Action: Ensure that your browser supports HTTPS and automatically redirects to the https:// version of PreVeil’s website.

WSS (WebSocket Secure)

  • Required: PreVeil uses WSS for secure, real-time communication between your browser and PreVeil servers.

  • Why it matters: WSS enables live updates, such as receiving notifications or real-time file sync, while maintaining an encrypted connection.

  • Action: Ensure that your browser supports WSS (most modern browsers do).

2. Trusted Domains and Endpoints

PreVeil relies on several trusted domains and endpoints for secure operation. Your device must be able to connect to the following:

PreVeil Endpoints:

  • Primary domains for storage and data retrieval:

    • collections.preveil.com (data storage and management)

    • key-storage.preveil.com (key management)

  • Cloud storage services (AWS endpoints):

    • s3.us-east-1.amazonaws.com, s3-us-gov-west-1.amazonaws.com

  • Third-party services:

    • www.pdftron.com (for PDF rendering)

    • www.google.com/recaptcha/ (for security verification)

Firewall and Network Settings:

  • Ensure your network can reach these endpoints: If you're using a firewall, VPN, or proxy, make sure that these domains are not blocked.

  • Note: Ensure that the IP address 52.86.162.167 (PreVeil server) is accessible if your network has restrictions on outbound traffic.

  • Deep Packet Inspection (DPI) and Connection IssuesWhat is Deep Packet Inspection (DPI)?

    • Deep Packet Inspection is a method of network traffic analysis that allows systems to examine the data part (or payload) of packets being transmitted over a network. While DPI can be useful for security monitoring, it can also interfere with certain secure protocols used by services like PreVeil.

    Impact on PreVeil Connections

    • Issue with DPI: If your network uses Deep Packet Inspection (DPI) to inspect and filter your traffic, it can block or interfere with the encrypted WebSocket (wss://) and HTTPS connections required by PreVeil.

    • Why it matters: DPI can inspect and potentially modify traffic, which may disrupt the secure protocols (HTTPS/WSS) that PreVeil relies on for data encryption and real-time communication.

    What You Can Do:

    • Bypass DPI: If you suspect DPI is causing connection issues, try connecting from a different network that does not use DPI, such as a personal or mobile network.

    • Disable DPI: If you manage the network and are able to control DPI settings, consider disabling or adjusting DPI policies that interfere with secure web traffic.

    • Contact your network administrator: If you're unable to adjust DPI settings, contact your network administrator to ensure that traffic to PreVeil’s endpoints is not being blocked or modified.

3. Browser Requirements

PreVeil requires modern web browsers that support secure protocols. Recommended browsers include:

  • Google Chrome

  • Mozilla Firefox

  • Microsoft Edge

  • Safari (latest version)

Ensure that your browser supports HTTPS and WSS and is up-to-date to prevent connectivity issues.

4. Security Headers and Configurations

PreVeil uses several security headers to protect your data during communication. These headers help ensure that your connection is secure, and your device can trust the content being loaded:

Strict-Transport-Security (HSTS)

  • What it does: Forces HTTPS connections to PreVeil, preventing insecure connections.

  • Action: Your browser will automatically use HTTPS when connecting to PreVeil for enhanced security.

Content Security Policy (CSP)

  • What it does: Specifies the trusted domains from which your browser can load resources. This prevents unauthorized content from being loaded and protects you from malicious scripts.

  • Action: No action needed, as long as your browser complies with modern security practices (most browsers do).

X-Content-Type-Options: nosniff

  • What it does: Protects your device from interpreting files as a different type, blocking potentially malicious content.

  • Action: This header is automatically applied by PreVeil for your security.

5. Technical Checklist for Connection

To connect to PreVeil and use PreVeil Express or web.preveil.com, ensure the following:

  1. Ensure your browser supports HTTPS and WSS (modern browsers do).

  2. Verify your network allows access to PreVeil’s domains:

    • collections.preveil.com

    • key-storage.preveil.com

    • AWS and PDFTron domains

  3. Confirm no firewall or network restrictions block these domains.

  4. Make sure your device can reach PreVeil's server IP: 52.86.162.167.

  5. Browser requirements: Ensure you're using an updated version of a modern browser (Chrome, Firefox, Edge, or Safari).

  • No labels