A safe transmission tool generally needs the following safety design:

01. Web security design

• User-side Web Portal and management-side Web Portal support access IP address isolation and port isolation;

• The administrator can disable the user plane Web Portal or the management plane web portal as required.

• Support HTTP and HTTPS, the administrator can disable HTTP and only provide Https service;

• For the logged-in Web page, the session valid range is only valid for the currently accessed page, completely eliminating CSRF cross-site attack; Before each version is released, Huawei Cloud Online Professional Web Vulnerability Scanning Service is used to scan vulnerabilities and repair the latest released vulnerabilities in time;

• Https TLS only opens the encryption algorithm suite that is recognized as safe in the industry.

02. Account & Password Protection Security Design

• Login authentication has a built-in anti-violence cracking mechanism, and the user enters the wrong password five times in a row within 3 minutes, and the account will be automatically locked.

• Session identification in login is generated by using the interface of OpenSSL high-strength random function RAND_bytes () to prevent random information from being hit by the simulator.

03. Transmission security design

• In the transmission process, Raysync is protected by Hash verification at the transmission message level, file block, and the whole file to ensure the integrity of the transmission content.

• TLS 1.3 is used for end-to-end encryption between the Raysync client and the Raysync server to prevent man-in-the-middle attacks in the network.

• Raysync only needs to expose one port to the outside, which can meet all users' access and greatly reduce the risk of firewall port exposure.

Whether transmitting large files, scheduling many small files in batches, or sending individual files as needed, it is very important to choose safe file transmission software.