Cavisson SaaS Offering
Cavisson offers a cloud-based SaaS solution that enables you to have an end-to-end performance view of your distributed application in real-time. You can focus on your application for driving the best digital experiences to customers while monitoring your application and infrastructure with the help of Cavisson SaaS. Our solutions offer lower total costs, guaranteed availability, disaster recovery, data privacy &security, and automatic upgrades.
Cavisson SaaS removes the need for organizations to install and run Cavisson Product Suite in their application environment. This eliminates the expense of hardware acquisition, provisioning and maintenance, as well as software licensing, installation and support. Other benefits of the SaaS model include:
- Flexible payments: Rather than purchasing software to install, or additional hardware to support it, customers subscribe to a SaaS offering. Customers pay for this service on a usage basis using a pay-as-you-go model. Transitioning costs to a recurring operating expense allows many businesses to exercise better and more predictable budgeting.
- Scalable usage: Cavisson SaaS offer high vertical scalability, which gives customers the option to access more, or fewer, services or features on-demand.
- Automatic updates: Cavisson SaaS automatically performs updates and patch management. This further reduces the burden on customer IT staff.
- Accessibility and persistence: Enables authorized end-users access from any Internet-enabled device and location.
- Ease of use and POC: Lets user do proof of concept for a new release feature in advance. In addition, they can have multiple versions and do performance comparison before migration.
- Reliable: Cavisson SaaS comes with an SLA of 99.8% availability subject to internet outage and other exceptions.
Data stored in Cavisson servers is considered confidential. This data is protected in transit across public networks. Customer data is not allowed to exit the Cavisson production service environment, except in limited circumstances, such as in support of a customer request.
All data transmitted between Cavisson SaaS and Cavisson agents in your application servers is protected using Secure WebSocket (WSS).
The data of our customers is at the core of our business. We strive for the best possible protection of this data. To prevent unauthorized access, maintain data accuracy, and ensure the correct use of information, we’ve put appropriate physical, technical, and organizational procedures in place to secure our systems.
- Access Control: Access control performs identification, authentication and accountability of Cavisson APM users through passwords. The passwords are saved using one-way encryption, which cannot be decrypted. The communication between Cavisson SaaS and user’s web browsers are secured using TLS.
- Monitoring & Audit Logging: In audit logs, we log major user actions, such as login, favorite dashboards loading, report generation, time period application etc.
Data Communication between Cavisson Agents (in customer environment) and Cavisson Servers (in SaaS environment) is over Secure WebSocket (WSS), which relies on TLS encryption on port 443. Monitoring and flowpath data is stored in encrypted file system.
Personal Data captured by Cavisson
The data we capture via multiple ways is secured at different levels. Depending on your environment setup and data-privacy settings, some captured data may be protected by law or considered sensitive for other reasons. In such instances, we take extra precautions to protect your customers’ private data.
Cavisson has three levels of protection in place concerning personal data.
- Scrubbing of data at the point of capture
- Scrubbing of data prior to storage
- Masking of data on display
Cavisson may capture a lot of end-user sensitive data from monitored environments. Based on your license type and configuration, Cavisson can capture both real-user traffic (user actions, captured directly in end-user browsers) and service-side traffic (web requests and other communications that may include personal data). The captured personal details of users, such as user name, login password, address, credit card / debit card / bank details, email-ID, and others are masked/scrubbed and kept highly secured.
The sensitive data may be captured by one or more following components:
- Real User Monitoring (RUM) and Session Replay
- Time Series Data captured by Cavisson Monitoring Agent
- APM Data
- Log Analytics
Cavisson Real User Monitoring (RUM) relies on browser cookies to correlate user interactions in the browser, for example user actions, with general page and backend performance metrics.
Cookies are used to:
- Monitor site performance
- Analyze website usage
- Track user behavior
Security Measures Applied to Cavisson Environments
In relation with Cavisson SaaS deployments, our development processes, operations, and infrastructure follow a comprehensive set of security policies that are reviewed at regular intervals and communicated to all employees. These policies ensure confidentiality and integrity of any customer related information.
Cavisson SaaS network is highly secured using industry leading security equipment, such as DDoS mitigation device and Web Application Firewall that ensure protection against all kinds of attacks while providing optimized web performance.
Cavisson Security Certifications
Cavisson services and data are hosted in Google Cloud Platform (GCP). The services and facilities of GCP are certified against international standards, such as ISO 27001 (Information Security Management System), ISO 27017 (Cloud Services Security), and ISO 27018 (Personal Data Protection).
Report a Security-related Concern
We take our customers’ security very seriously and investigate all vulnerabilities that are reported to us. We address potential vulnerabilities reported to Cavisson in the following manner:
- Report a vulnerability
- Evaluate & respond
- Disclosure of vulnerabilities
Cavisson stores and retains different types of monitored data from your environments. Retention policy of this data is based on licensing agreement. Based on the retention policy, data is automatically cleaned up. In a typical SaaS configuration, following table depicts the retention of performance data captured by Cavisson:
Monitoring Data (Non-aggregated)
Monitoring Data (Aggregated)
Business Transactions Flowpath data
Logs and associated Visualizations (Non-aggregated)
Logs and associated Visualizations (Aggregated)
Due to the presence of Cavisson SaaS network at multiple geographic location across the globe, we tend to configure our servers in regions geographically located to your data center to ensure minimal network latency for monitoring data.
Depending upon dynamic application size, the cavisson SaaS components are scalable.
Disaster Recovery (DR) and High Availability (HA)
The SaaS offerings comprises of multiple Cavisson appliance/VMs. The backup of individual VMs on cloud are maintained across regions. For example – VM on central region has a cold standby in eastern region. We are achieving HA using Keepalived, which uses VRRP protocol. Data is synced regularly from master to backup using rsync. Both the master and backup servers are assigned a virtual IP.
In context to High availability, data is backed-up for unfortunate events of VM’s crashing. Automatic disk level snapshots as well as component level (monitoring data, flowpaths etc.) backups are configured.
Failover / Switching between Master and Backup
In an event when the continuous monitoring is interrupted due to unavailability of Master (Active) server, then the backup collector on the corresponding machine automatically takes over as a Master server, becomes active, and resumes continuous monitoring.
We can mark the health of master as good or critical on multiple parameters as follows.
- Machine load average
- Disk usage
- CPU usage
- Issue with any of the critical processes
- Network issues
If the health of master is critical for n consecutive intervals, failover will happen.
Service Level Agreement (SLA)
Cavisson will make reasonable efforts to maintain 99.8% availability of the hosted portion of the Service for each month during the term of Agreement, excluding planned maintenance windows. The Service will be deemed “available” so long as Authorized Users are able to login to the Service interface and access monitoring data. Excluding planned maintenance windows, in the event the Service availability drops below 99.8% for two consecutive months, Customer may terminate the Service in the calendar month following such two-month period upon written notice to Cavisson. To assess uptime, Customer may, if under a Paying Plan, request the Service availability for a prior month.