Network, Data and Security Overview
This article contains key information for IT/cybersecurity departments.
Networking
Access Requirements
Jenson8 applications running via Appstream only use TCP port 443 for HTTPS communication between AppStream 2.0 users' devices and our virtual machines.
Connection to the Appstream 2.0 service is generally not blocked by corporate firewalls, however if whitelisting is required, the domains for the regions we support are listed below:
| Region | Domain |
|---|---|
| US East (Ohio) | *.appstream2.us-east-2.aws.amazon.com |
| Asia Pacific (Mumbai) | *.appstream2.ap-south-1.aws.amazon.com |
| Asia Pacific (Singapore) | *.appstream2.ap-southeast-1.aws.amazon.com |
| Asia Pacific (Sydney) | *.appstream2.ap-southeast-2.aws.amazon.com |
| Europe (London) | *.appstream2.eu-west-2.aws.amazon.com |
| South America (São Paulo) | *.appstream2.sa-east-1.aws.amazon.com |
Bandwidth
There are no strict bandwidth requirements for end users, as the end users connection does not affect the virtual machine's connection to our gaming servers.
AWS recommends at least 5mbps of network bandwidth and under 100ms of roundtrip latency for a smooth experience.
Data
PII
Personally Identifiable Information (PII) is not collected via AWS Appstream 2.0 by default. However we may optionally use the user’s name and email to create an account for them. Please see the two current access options below for more details:
- Anonymous access - Jenson8 can create anonymous, pre-authenticated URLs which provide temporary access to the Apollo application via AWS Appstream 2.0. These can be generated without the use of any PII.
- User account access - If users wish to access Jenson8 applications regularly, Jenson8 can create a user account for them using their name and email, allowing the user to authenticate themselves and launch the app via our AppStream 2.0 dashboard at any time.
The IP address of the connecting user may be logged, but will be purged once the session is finished and only ever used for support or regional load balancing and routing.
Data Transfer
For the purpose of protecting your company data, our Appstream 2.0 virtual machines do not allow:
- Upload and download of files
- Clipboard functions (i.e copy and paste)
n.b The Files option will still appear on the toolbar regardless of the fact that Jenson8 has disabled it.
Security
Access to Sessions
Jenson8 takes measures to ensure that only intended users are provided with access to sessions:
- Anonymous access - Jenson8 can generate pre-authenticated URLs which provide instant access to our Appstream 2.0 sessions. Only authorised Jenson8 staff can generate these URLs, and each URL has a variable expiry time to prevent unwanted access. These URLs are generated on an as-and-when basis.
- User accounts - If Jenson8 has created a user account for you, Jenson8 can control what applications you have access to, however only you can access your Appstream session.
More about User accounts
Sometimes we may provide access to our clients using AWS Appstream 2.0's built-in user pool feature. For detailed information - see their documentation here.
Key points:
- User account creation and the assignment of applications is limited to authorised Jenson8 staff.
- Jenson8 staff can only see your name and email. Passwords/authentication are handled by AWS.
- User pools exclusively provide access to our Appstream 2.0 resources.
Access to Virtual Machines
Jenson8 applications run in a sandboxed, kiosk-style environment, ensuring that user access is strictly limited to the functions built in to the application.