Imply Lumi security
Imply Lumi implements a wide range of security measures to protect your data at every stage.
Authentication and authorization
Imply Lumi supports the following user authentication methods:
- Password-based authentication: Users authenticate with their Imply Lumi username and password.
- Identity-Provider-Initiated Single Sign-On (IdP-initiated SSO): Users authenticate to multiple applications using the same set of credentials managed by a third-party identity provider (IdP). For more information, see Authenticate a user.
Each authorized user is assigned a unique login that is linked to their individual email address. Imply Lumi uses the login to identify and map the user to their account.
Role-based access control
Imply Lumi uses role-based access control (RBAC) to manage access to resources based on a user's role. Imply Lumi provides predefined roles that align with common functions, such as Admin, Manager, Data manager, and Viewer. Predefined roles are immutable and enforce the principle of least privilege (PoLP) to ensure that users only have access to the resources needed to do their work. For information on roles, see Manage roles.
IAM keys
You configure secure access for automated systems and integrations through Identity and Access Management (IAM) keys. For more information, see Manage IAM keys.
Data in transit
Imply Lumi uses Transport Layer Security (TLS) 1.3 for end-to-end encryption of data in transit. Data is encrypted as it moves between systems and Imply Lumi.
Data at rest
Imply Lumi data at rest data in an AWS S3 bucket where it is protected from unauthorized access and encrypted with the 256-bit implementation of the Advanced Encryption Standard (AES).
Ports used in Imply Lumi
The following table lists the ports used in Imply Lumi and explains their purpose:
| Port | Purpose |
|---|---|
| 443 | HTTPS Used for secure web communications over SSL/TLS. |
| 9997 | TPC Used by Splunk® to receive data from forwarders. |
| 80 | HTTPS Used for redirecting traffic to port 443 (HTTPS). No traffic comes through this port. |