3manager Data collection + Security

Documentation

Download the latest version by clicking the link below:

https://www.dropbox.com/scl/fi/gltegghdm15g9psasqgjo/3manager-WhitePaper-DataCollector-
EN.pdf?rlkey=xlta9799xg0rzu08vaqk4wh20&dl=1
Table of content:

Introduction 3

Data collector network communication 3

SNMP v1-2 and SNMP v3 3

Outgoing traffic / encryption 5

Network traffic 7

Network diagram 8

Auto-update of the data collector 9

Data collector requirements 9

Collection of device data 10

Collection of counter data 11

Example of XML data sent 12

Webhooks 13

SQL injection prevention (database penetration) 18

Microsoft Defender SmartScreen 18

3manager and antivirus systems 19

CPU Usage and Real-Time Protection 20

Security 21

Hosting 22

Disaster Recovery Plan: 25

Security Troubleshooting Checklist 26

3manager security documentation: 25. Oct 2024 2

Introduction:
This document outlines the communication process between the 3manager data collector and the cloud, including
encryption protocols, hosting security, and important considerations for installation. While this whitepaper covers
all available 3manager data collectors, please note that installation guides and minimum requirements may vary
by version.

Data collector network communication

The data collector (SNMP agent) is a piece of software installed on a computer, which will scan a defined range of
IP-addresses. If no range is defined, it will scan the local sub-net (x.x.x.1 to x.x.x.255)

Ports used:

The data collector will scan printers using port 161/162 which are the standard ports for SNMP communication.

SNMP v1-2 and SNMP v3

SNMP V1-2

As default the SNMP community string is public. For many printers they either have the string entered or its blank.

In 3manager as default public is used. If you are using a different community string simply overwrite the public. If
you are using multiple you can enter them with comma as separators like this: public, private1, private 2, private 2.

This will force a discovery in each community and discover devices based on how they are configured.

3manager security documentation: 25. Oct 2024 3

SNMP V3

SNMP V3 makes it possible for the SNMP communication to protected by encryption as well passwords. Please
note that the SNMP v3 options depends on the manufacturer brand and model as well generation. The newer
devices, the more options, the older the less.

The following SNMP v3 settings are supported:

• Username
• Authentication password (Passwords should have minimum 8 characters)
• Privacy protocol password (Passwords should have minimum 8 characters)
• Context name

Important:

The 3manager data collector will automatically find the settings for encryption. For example if AES or DES is used.
You do not need to configure this in the data collector. If privacy protocol is not used leave the password field
blank.

You can have mixed environments using SNMP v1-2 and SNMP v3. This means that you can use the same data
collector to scan older devices without SNMP v3 support as well new ones with updated SNMP v3 capabilities.

Communication

The data collector will download the latest data to ensure correct counter readings from the printers. This is done
for every discovery and polling session. Ports used are either port 80 or port 443 depending on your configured
settings. Default is always port 443

3manager security documentation: 25. Oct 2024 4

No data sent to the agent can be defined as incoming traffic. All downloads are triggered by the data collector
itself, and it contains the following:

1. Download of configuration (IP-ranges which is managed online, and other settings such as scheduling)

2. Download of latest OID (the keys to know where to find the correct counters in your printers)

3. Download of latest software build, if a new version is released.

In some occasions whitelisting of IP and domain will be needed. Use the following values:

• Domain: *.3manager.com
• IP-address: 52.213.181.35

Outgoing traffic / encryption

On an hourly basis, or otherwise scheduled, the data collector will send an XML report using port 80 or 443 to the
3manager cloud server. XML is being sent using a 256bit encryption.

Delivery methods:

1. Send as packets using port 80 or 443 using 256bit encryption (standard)

2. Send as an email attachment using your SMTP port

Data sent from the data collector

• Manufacturer brand
• Model name
• Serial number
• Counters (total pages, total mono, total color, total print, print mono, print color, A5 total, A3 totals)
• Toner levels
• Alerts
• Warnings

3manager security documentation: 25. Oct 2024 5

Encryption:

The data collector uses a Certificate from COMODO 256-bit SSL encryption when sending data over the Internet.

The transaction between user and server is encrypted as well as the data sent from the data collector agent to the
server.

Outgoing traffic:

Data is sent as JSON over HTTPS.

3manager security documentation: 25. Oct 2024 6

Network traffic
There are three tasks, when data is sent: discovery, polling and reporting. During polling, the agent queries
configuration server via HTTP(s) and sends SNMP queries for each model discovered.

Discovering:

During discovery, the agent sends packets to each IP in the specified range. It sends about 500-800 packets a
second, with a packet size 85-100 bytes. Total bandwidth used is 50-200KB/s. The total data sent will depend on
the IP address count in the discovered IP range(s).

Polling:

During polling, the agent only sends packets to the printers discovered in the network discovery process.

There is one HTTP request by the configuration server for each printer 1-10KB in size. SNMP query count depends
on the printer, but it ranges in 15-50 queries with 1-5KB in size, total bandwidth used is 15-250KB for each printer.
The polling is done with 40 threads in parallel, the total bandwidth depends on the printer response time and is
about 0.5-1MB/s (needs to be measured onsite, for more precise time)

The total data sent is proportional to discovered printer count.

Frequency:

The data collector gets status updates every 15 minutes. Technical data, meters and toner status will be updated in
this frequency. The agent scans devices using SNMP protocol. The data is sent as UDP packets.

The service also connects to remote servers using HTTP(s) to get latest configuration.

Reporting:

Report size is proportional to discovered printer count. Each printer uses ~10KB of data. The data is sent as JSON
over HTTPS to the 3manager Data Processing Server (DPS). Reports are sent hourly by default.

3manager security documentation: 25. Oct 2024 7

Network diagram
Please find below an illustration on how the data collector / communication works:

3manager security documentation: 25. Oct 2024 8

Auto-update of the data collector
The data collector has an integrated auto update feature. To detect current version of the agent, the agent looks at
the 3manager server / UpdateVersion.xml, where current version is described, and its checksum is noted. The
agent downloads the .xml file every 2 hours and checks if it has the current version. If a mismatch between
installed and current version is discovered, it downloads newest .msi file through http port 80, matches the
checksum and installs newest version.

Auto update can be disabled in the agent control panel settings if this is a violation to the security policy.

Manual update of data collector:

Download latest data collector from your account run it on the same computer where current data collector is
installed.

This will update the software to the latest version. You can also use this link to send to customers who will install
the data collector internally. (Remember to provide the location-ID)

Data collector requirements

Operating system:

Windows: Microsoft Windows based computer (XP SP3 or newer / 2003 Server or newer)
Microsoft .NET Framework 4.6 or newer. For the web-version Microsoft .NET Core is used and
contained in the installation package. Here you do not need to have .NET Framework 4.6 or
newer.

Linux x64: The data collector works with common Linux distros such as Ubuntu, Debian, CentOS and
more). 64bit only

Linux ARM: For Raspbian OS used on Raspberry Pi (RPI)

Mac OSX: Mac OSX 10.15.3 or newer (64bit only)

Browsers: Google Chrome, Safari, Firefox, Microsoft Edge. Internet Explorer 11 or newer.

Hardware: The data collector requires minimum of 10GB free hard disk drive and 4GB RAM with Internet
access. It’s not recommended to install the data collector on laptops as it may scan other
networks. If a computer is not available for installation, we recommend using a Raspberry Pi 3
model B or newer with a minimum of 16GB SD card.

Proxy: If proxy is used, user and password is needed to access the 3manager server. HTTP 1.1
compliant proxy server, domain proxy and PAC file compiled proxy is supported.

SNMP: SNMP enabled. (Minimum V1-2). SNMP v3 is supported. Minimum lengths of passwords is 8
characters when configuring the SNMP V3 on the printers.

Ports: 161/162 (SNMP) and 443/80 (Internet)

3manager security documentation: 25. Oct 2024 9

Collection of device data
• Device name
• Brand + model
• IP address
• Serial Number
• Mac address
• Location (if entered in the printer configuration)
• Supplies information (toner, drums, developers, other readable supplies from the MIB)
• Alerts: (Error code + description if available in the MIB)
• Alerts Training level and Severity
• Counters (See more details on page 11)
• Firmware version ( If available in the MIB)

Only device information is sent. No data regarding print jobs or usernames are collected nor sent.

3manager security documentation: 25. Oct 2024 10

Collection of counter data

3manager security documentation: 25. Oct 2024 11

Example of XML data sent
Printer xmlns=""><Name>p-h1-1</Name><Manufacturer>NAME,
Inc.</Manufacturer><Model>N/A</Model><Color>False</Color><IPAddress></IPAddress><MacAddress></MacAddress><SysOid></SysOid><Serial
Number></SerialNumber><GroupName></GroupName><RemoteGroupName></RemoteGroupName><SystemDescription>Unknown
N/A</SystemDescription><SystemContact></SystemContact><Location></Location><SiteLocation>yourinput</SiteLocation><DiscoveryTime></Disc
overyTime><Uptime /><Standby /><Downtime /><PowerOffTime
/><PowerOnCount></PowerOnCount><SysUpTime>1763711786</SysUpTime><ReportTime>2013-09-13
11:07:19</ReportTime><ReportDuration>239</ReportDuration><MeterTime>2013-09-13
08:01:07</MeterTime><DevicePages><TotalStart></TotalStart><BWStart></BWStart><ColorStart></ColorStart><TotalEnd></TotalEnd><BWEnd></B
WEnd><ColorEnd></ColorEnd><DeviceStatus></DeviceStatus><PrinterStatus></PrinterStatus><IncludeFaxBwInTotals>False</IncludeFaxBwInTotals
><IncludeFaxColorInTotals>False</IncludeFaxColorInTotals><IncludeScanColorInTotals>False</IncludeScanColorInTotals><IncludeScanBwInTotals>
False</IncludeScanBwInTotals><A3PrintBwIncludeInTotals>False</A3PrintBwIncludeInTotals><A3PrintColorIncludeInTotals>False</A3PrintColorIncl
udeInTotals><A3CopyBwIncludeInTotals>False</A3CopyBwIncludeInTotals><A3CopyColorIncludeInTotals>False</A3CopyColorIncludeInTotals><Tot
al></Total><BW></BW><Color></Color></DevicePages><Alerts /><Supplies /><Meters><Meter><Name>Print
Total</Name><Reading></Reading></Meter><Meter><Name>Bw Total</Name><Reading></Reading></Meter><Meter><Name>Color
Total</Name><Reading></Reading></Meter><Meter><Name>Print BW</Name><Reading></Reading></Meter><Meter><Name>Print
Color</Name><Reading></Reading></Meter><Meter><Name>Print BW Impressions</Name><Reading></Reading></Meter><Meter><Name>Print
Color Level1</Name><Reading></Reading></Meter><Meter><Name>Print Color
Level2</Name><Reading></Reading></Meter><Meter><Name>Print Color Level3</Name><Reading></Reading></Meter><Meter><Name>Print
Impressions Total</Name><Reading></Reading></Meter><Meter><Name>Copy
Total</Name><Reading></Reading></Meter><Meter><Name>Copy BW</Name><Reading></Reading></Meter><Meter><Name>Copy
Color</Name><Reading></Reading></Meter><Meter><Name>Scan Total</Name><Reading></Reading></Meter><Meter><Name>Scan
BW</Name><Reading></Reading></Meter><Meter><Name>Scan Color</Name><Reading></Reading></Meter><Meter><Name>Fax
Total</Name><Reading></Reading></Meter><Meter><Name>Fax BW</Name><Reading></Reading></Meter><Meter><Name>Fax
Color</Name><Reading></Reading></Meter><Meter><Name>Toner Level Black</Name><Reading></Reading></Meter><Meter><Name>Toner
Level Cyan</Name><Reading></Reading></Meter><Meter><Name>Toner Level
Magenta</Name><Reading></Reading></Meter><Meter><Name>Toner Level
Yellow</Name><Reading></Reading></Meter><Meter><Name>Toner Max Capacity
Black</Name><Reading></Reading></Meter><Meter><Name>Toner Max Capacity
Cyan</Name><Reading></Reading></Meter><Meter><Name>Toner Max Capacity
Magenta</Name><Reading></Reading></Meter><Meter><Name>Toner Max Capacity
Yellow</Name><Reading></Reading></Meter><Meter><Name>Toner Remaining Pages
Black</Name><Reading></Reading></Meter><Meter><Name>Toner Remaining Pages
Cyan</Name><Reading></Reading></Meter><Meter><Name>Toner Remaining Pages
Magenta</Name><Reading></Reading></Meter><Meter><Name>Toner Remaining Pages
Yellow</Name><Reading></Reading></Meter><Meter><Name>Lifecount A4</Name><Reading></Reading></Meter><Meter><Name>Lifecount
A3</Name><Reading></Reading></Meter><Meter><Name>Duplex Total</Name><Reading></Reading></Meter><Meter><Name>Duplex
BW</Name><Reading></Reading></Meter><Meter><Name>Duplex Color</Name><Reading></Reading></Meter><Meter><Name>A3 Print
Total</Name><Reading></Reading></Meter><Meter><Name>A3 Print BW</Name><Reading></Reading></Meter><Meter><Name>A3 Print
Color</Name><Reading></Reading></Meter><Meter><Name>A5 Total</Name><Reading></Reading></Meter><Meter><Name>A5
BW</Name><Reading></Reading></Meter><Meter><Name>A5 Color</Name><Reading></Reading></Meter><Meter><Name>A3 Copy
Total</Name><Reading></Reading></Meter><Meter><Name>A3 Copy BW</Name><Reading></Reading></Meter><Meter><Name>A3 Copy
Color</Name><Reading></Reading></Meter><Meter><Name>Page
Count</Name><Reading></Reading></Meter><Meter><Name>A3FaxBw</Name><Reading></Reading></Meter><Meter><Name>A3FaxColor</Na
me><Reading></Reading></Meter><Meter><Name>A3FaxMonoOr2Color</Name><Reading></Reading></Meter><Meter><Name>A3ScanBw</Na
me><Reading></Reading></Meter><Meter><Name>A3ScanColor</Name><Reading></Reading></Meter><Meter><Name>A3ScanMonoOr2Color</
Name><Reading></Reading></Meter><Meter><Name>A3CopyMonoOr2Color</Name><Reading></Reading></Meter><Meter><Name>A3PrintMon
oOr2Color</Name><Reading></Reading></Meter><Meter><Name>ScanFaxBw</Name><Reading></Reading></Meter><Meter><Name>ScanFaxCol
or</Name><Reading></Reading></Meter><Meter><Name>ScanFaxMonoOr2Color</Name><Reading></Reading></Meter><Meter><Name>PrintM
onoOr2Color</Name><Reading></Reading></Meter><Meter><Name>CopyMonoOr2Color</Name><Reading></Reading></Meter><Meter><Name>
FaxMonoOr2Color</Name><Reading></Reading></Meter><Meter><Name>ScanMonoOr2Color</Name><Reading></Reading></Meter><Meter><N
ame>Custom1Bw</Name><Reading></Reading></Meter><Meter><Name>Custom12Color</Name><Reading></Reading></Meter><Meter><Name
>Custom1Color</Name><Reading></Reading></Meter><Meter><Name>Custom1Total</Name><Reading></Reading></Meter><Meter><Name>Cu
stom2Bw</Name><Reading></Reading></Meter><Meter><Name>Custom22Color</Name><Reading></Reading></Meter><Meter><Name>Custom
2Color</Name><Reading></Reading></Meter><Meter><Name>Custom2Total</Name><Reading></Reading></Meter></Meters></Printer><Printer
xmlns=""><Name>Maskinstue-1-SP3</Name><Manufacturer>Name.</Manufacturer><Model>N/A</Model><Color>False</Color><IPAddress

3manager security documentation: 25. Oct 2024 12

Webhooks
What is a webhook?

A webhook is a method used to provide real-time information to other applications. It's essentially a
way for an app to send automated messages or information to another app when a specific event
occurs. Instead of requesting data from a server, the server pushes the data to the client automatically,
making webhooks a form of "reverse API call."

How to enable the webhook:

Go to the vendor – settings – integrations – webhook and click configure:

Add the URLs for equipment reports (typically used for billing) and alerts (the supplies, service codes
etc)

When done, click “on” and then save.

Where can you use webhooks?

• Equipment reports. (Anything you want to configure as a report can be pushed to the
equipment endpoint.

• Alert profile: Any alert created based on your profile will be pushed to the alerts end point

IMPORTANT:

The webhook integration will only be active on the same vendor level it was added. This means that if
you have sub vendors you would like to use the webhook, you need to enable the integration on those
levels too.

3manager security documentation: 25. Oct 2024 13

Equipment report settings:

Alert profile settings:

3manager security documentation: 25. Oct 2024 14

Example of formats used:

Manual tickets (QR)

Toner low: (Automated)

{
"type": "SupplyAlertTriggered",
"alert": {
"accountId": "d78bc0fd-4eef-4092-b713-d6f668cd380f",
"deviceId": "4a8df93d-d560-4a2b-bfb2-1036774bea20",
"deviceName": "Demo Device 129",
"manufacturerName": "Hewlett-Packard",
"modelName": "Color LaserJet flow MFP M880",
"ipAddress": "10.47.80.143",
"serialNumber": "SN0015",
"colorant": "black",
"supplyType": "TonerCartridge",
"partNo": "CF300A",
"supplyDescription": "Black Cartridge HP 827A (CF300A)",
"location": "??",
"contractName": "HP (Estimated)",
"organizationalUnitName": "MPS Demo Customer",
"departmentName": "Department 1",
"threshold": 0.8,
"emptyInDaysThreshold": 80,

3manager security documentation: 25. Oct 2024 15

 "levelPercentage": 0.75,
"expectedEmptyAt": "2024-04-08T13:23:45.554509Z",
"expectedEmptyAtML": "2022-09-29T16:32:21.2733546Z",
"totalPages": 110302,
"totalBw": 24357,
"totalColor": 85945,
"subject": "Supply alert: TonerCartridge black 75%, MPS Demo Customer, DK-
PRN-AAR-2-07, SN SN0015, Hewlett-Packard Color LaserJet flow MFP M880, ??",
"macAddress": "5C:B9:01:10:4A:6C",
"daysLeft": 298,
"level": "NotEmpty",
"link": "https://app.3manager.com/#/accounts/d78bc0fd-4eef-4092-b713-
d6f668cd380f/equipment/network/4a8df93d-d560-4a2b-bfb2-1036774bea20",
"blackToner": {
"expectedEmptyAt": "2024-04-08T13:23:45.554509Z",
"expectedEmptyAtML": "2022-09-29T16:32:21.2733546Z",
"lastOrderedAt": "2023-02-04T02:04:36.95Z",
"isLatestReadingValid": true,
"level": "NotEmpty",
"percents": 0.75,
"percentsExtended": 0.75,
"levelAsString": "NotEmpty"
},
"cyanToner": {
"expectedEmptyAt": "2026-01-03T05:30:26.512752Z",
"expectedEmptyAtML": "2023-05-04T16:32:21.2733546Z",
"lastOrderedAt": "2021-02-11T07:01:45.573Z",
"isLatestReadingValid": true,
"level": "NotEmpty",
"percents": 0.7,
"percentsExtended": 0.7,
"levelAsString": "NotEmpty"
},
"magentaToner": {
"expectedEmptyAt": "2026-12-08T14:58:42.51284Z",
"expectedEmptyAtML": "2022-08-05T16:32:21.2733546Z",
"lastOrderedAt": "2023-02-04T02:04:36.95Z",
"isLatestReadingValid": true,
"level": "NotEmpty",
"percents": 0.91,
"percentsExtended": 0.91,
"levelAsString": "NotEmpty"
},
"yellowToner": {
"expectedEmptyAt": "2025-12-21T22:46:44.0236739Z",
"expectedEmptyAtML": "2022-08-24T16:32:21.2733546Z",
"lastOrderedAt": "2022-05-24T02:13:46.33Z",
"isLatestReadingValid": true,
"level": "NotEmpty",
"percents": 0.81,
"percentsExtended": 0.81,
"levelAsString": "NotEmpty"
},
"managed": true,
"assetNo": "DK1240",
"supplyPartNo": "CF300A",
"alertProfileName": "Preset: 3manager Toner/Ink",
"alertProfileLink": "https://app.3manager.com/#/vendors/7db5a55b-5e9a-4d12-
a2bf-887910b0b4ac/alerts/profiles/edit/a7f18110-263f-4e71-a0c6-c7643afda7da",
"departmentAddress": "Hasseris Bymidte 2",
"departmentCity": "Aalborg",
"departmentZipCode": "9000",
"departmentCountry": "Denmark",

3manager security documentation: 25. Oct 2024 16

 "departmentContactName": "Henrik Lundsholm",
"departmentContactEmail": "[email protected]",
"custom2Total": 110302,
"tenantId": "app"
}
}

3manager security documentation: 25. Oct 2024 17

SQL injection prevention (database penetration)
What is SQL injection?

SQL injection refers to an injection attack wherein an attacker can execute malicious SQL statements (also
commonly referred to as a malicious payload) that control a web application’s database server (also commonly
referred to as a Relational Database Management System – RDBMS).

Since an SQL injection vulnerability could possibly affect any website or web application that makes use of an SQL-
based database, the vulnerability is one of the oldest, most prevalent and most dangerous of web application
vulnerabilities.

How are 3manager protected?

SQL injections can happen in places where a SQL query with parameters from web user interface is formed in
code. In 3manager we manage this differently.

We send the SQL query template and parameters from user interface to the SQL servers separately, and on the
servers its combined to the final query in a secure way.

In short, the environment needed to do a SQL injection is not present in 3manager.

Microsoft Defender SmartScreen

If you are using Microsoft Defender, you can experience that Microsoft Defender SmartScreen blocks the software
during installation.

This is a common issue for non-Microsoft developed applications, and basically, the defender says “It's not
developed by Microsoft, so we can't say if this is good or bad”.

You can safely continue installing the software by choosing “More information” and then continue.

If you are using other antivirus systems, you will probably not get any warning at all.

3manager security documentation: 25. Oct 2024 18

3manager and antivirus systems
Antivirus products are constantly having their definitions updated, and this may lead to an incorrect classification
of the 3manager data collector software as malware.

This URL shows the check-result from all major antivirus providers scanning 3manager software:

https://www.virustotal.com/gui/file/de52d9fed7d0db6b13a5905768c97b17ccef9f1c15be8b64527799f90e146a35/d
etection

Symptoms:

• The data collector stops working and you see a warning saying “A root element is missing”.
• Your antivirus systems detects the data collector as a trojan horse
• .exe files are deleted preventing any update of the data collector
• You cant install the data collector

Resolution:

Add exclusions for the 3manager data collector agent by following the guidelines in the documentation provided
by your antivirus system provider.

You would need to make exclusions for the following.

• Process: C:\Program Files (x86)\3Manager\SNMPService\Agent.SnmpService.exe

• Process: C:\Program Files (x86)\3Manager\SNMPService\Agent.ControlPanel.exe

If an Antivirus product has quarantined 3manager files and/or removed it, you may have to install the data
collector again, but first you need to delete the printer agent folder completely BEFORE you run the new
installation.

The folder is located in one of the following directories:

c:\users\all users\printeragent
c:\users\all users\application data\printeragent
c:\appdata\printeragent

Delete the folder and perform a new installation

The 3manager data collector uses a 256bit encryption comodo certificate and is signed as well, meaning that the
publisher is 3manager and the software hasn’t been altered from being downloaded online to being installed.

3manager security documentation: 25. Oct 2024 19

CPU Usage and Real-Time Protection
Real-time protection in antivirus software continuously monitors files and processes to detect potential
threats. However, this can lead to increased CPU usage when the antivirus system scans frequently
used processes.

When real-time protection interacts with network services like SNMP queries, the antivirus may treat
the traffic as suspicious and intensively scan it, causing CPU spikes.

Frequent SNMP Queries

3manager performs regular SNMP queries to monitor devices. These queries occur during polling,
which happens every 15 minutes, and discovery, which runs every 8 hours. If the antivirus scans these
frequent queries, it can significantly contribute to increased CPU usage.

Why CPU Usage Can Increase

CPU usage can rise due to the antivirus software scanning every action performed by critical
applications. For 3manager, real-time protection may continuously analyze SNMP query-related
processes, such as:

• C:\Program Files (x86)\3Manager\SNMPService\Agent.SnmpService.exe

• C:\Program Files (x86)\3Manager\SNMPService\Agent.ControlPanel.exe

This increased scrutiny can slow down system performance, especially if these processes are scanned
frequently.

Mitigating CPU Spikes

To reduce CPU load, it’s essential to exclude these 3manager processes from real-time protection. This
prevents the antivirus from constantly scanning them, allowing the system to run smoothly.

If excluding these processes doesn’t resolve the issue, please contact 3manager support for further
assistance.

3manager security documentation: 25. Oct 2024 20

Security
AWS Security and Certifications:

We rely on AWS's robust security infrastructure and certifications to protect our hosted environment.
AWS maintains a comprehensive set of security measures, including physical security, network security,
and data encryption, to safeguard our data and infrastructure. Check more about hosting security on
page 21.

OS Updates

We continuously monitor and assess operating system updates, applying only those that are relevant
to security. This targeted approach ensures that our servers are protected against known security
vulnerabilities while minimizing potential disruptions to our system's stability.

Limited Access Control

Access to our servers is restricted to authorized personnel only. Only developers and database
managers have access. We enforce this through strict access control measures, ensuring that only
individuals with a legitimate need have access to our systems.

Two-Factor Authentication (2FA)

To enhance security, we enforce two-factor authentication for all personnel accessing our servers. This
additional layer of security helps prevent unauthorized access, even in the event of compromised
credentials.

IP Whitelisting

We further secure our servers by implementing IP whitelisting, which restricts access to specific IP
addresses or ranges. By allowing access only from trusted sources, we reduce the likelihood of
unauthorized access attempts from malicious actors.

No Third-Party Tools Installed

Our servers do not have any third-party tools installed, and they are not used for web browsing or
email management purposes. This minimizes the attack surface and reduces the risk of vulnerabilities
introduced by external software.

3manager security documentation: 25. Oct 2024 21

By implementing these measures, we maintain a robust security posture for the 3manager software,
ensuring the protection of both our data and our customers' data against potential threats and
vulnerabilities.

Hosting
The 3manager servers are hosted in Europe (Ireland, South Dublin, Greenhilss Road, Tymon North,
Dublin) at Amazon. (AWS).

Certifications:

• ISO 27001 Certified

• ISO 9001 and BS7799 Compliant
• SSAE16 Certified
• PCI Level 1 Service Provider Certified
• Tier III Standards Compliant

Environment:

• Close control units (CCUs) provide conditioned air to technical space

• Diverse chilled water distribution pipe work (ring main type) throughout facility
• Dry risers to all floors
• Gas suppression system using centrally stored Inergen
• Humidity range of 50% (+/- 10%) in technical areas
• Minimum N+1 resilience on chilled water cooling system
• Temperature in technical space maintained at 22°C (+/- 2°C)
• Up to 25 air cooled chillers installed, supplying 1.4MW of cooling per chiller
• VESDA smoke detection system

Security:

• 24x7x365 security staff, strictly enforced security procedures

• Dedicated 24x7x365 facilities management team
• Mantrap at entryway
• Multiple CCTV cameras (interior and exterior)
• Secure managed delivery and loading area
• Three-factor security access

3manager security documentation: 25. Oct 2024 22

Power:

• MW of power per floor plate

• Diverse A&B supply, distributed via 11kV ring main units
• Mains power supplied via 2 x 132kV incomers
• Minimum N+1 redundancy on power supply
• Onsite diesel tanks (4 x 119,000 litres) support 50 hours at full capacity with 8 hour, 24x7x365 fuel delivery
callout contract in place
• Power/cooling systems supported by up to 33 no-break Rotary Diesel UPS sets

Network:

• Datapipe network features redundant fiber sources and redundant aggregate switches and core routers
• Direct BGP peering with five Tier 1 providers; BTN, Interoute, Level 3, Tiscali, and T-Systems

3manager security documentation: 25. Oct 2024 23

Disaster Recovery Process Overview:

At 3manager, we have a robust disaster recovery process in place to ensure business continuity and
data integrity in case of system failures or catastrophic events. Our process is built around AWS’s
scalable infrastructure and includes both automated backups and well-defined recovery procedures.

Backup Strategy:

Daily Incremental Backups: We perform daily incremental backups of all critical data. This ensures that
only the changes made since the last backup are stored, minimizing backup size and reducing recovery
time.

Weekly Full Backups:

Every week, we perform a full backup of all data, capturing the entire state of our system. This allows us
to have a complete and up-to-date snapshot of our data available for recovery.

Storage and Redundancy:

All backups (both incremental and full) are securely stored in a third party location, with encryption
enabled and only available for 3manager development team for access.

To ensure maximum availability and protection against regional failures, backups are replicated across
multiple regions.

3manager security documentation: 25. Oct 2024 24

Disaster Recovery Plan:
In the event of a disaster (e.g., server failure, data corruption, etc.), we follow a predefined recovery
process:

Step 1:

Identify the most recent incremental or full backup to be restored, based on the timing of the disaster.

Step 2:

Launch a new instance or restore the affected systems using AWS depending on the affected
components.

Step 3:

Retrieve and restore data from the backups. We first apply the most recent full backup, followed by
incremental backups to ensure minimal data loss.

Step 4:

Conduct system validation to ensure all services are up and running properly, and no data is lost.

Step 5:

• Notify stakeholders once the recovery is complete and all systems are operational.
• Recovery Time Objective (RTO) & Recovery Point Objective (RPO):
• RTO (Recovery Time Objective): Our goal is to have systems fully operational within 8-12 hours
of identifying an incident, depending on the scale of the failure.
• RPO (Recovery Point Objective): With daily incremental and weekly full backups, we aim to limit
potential data loss to within 24 hours of the most recent incremental backup.

Monitoring:

Automated monitoring is in place to detect potential issues early, minimizing downtime and speeding
up the recovery process.

3manager security documentation: 25. Oct 2024 25

Security Troubleshooting Checklist
In case you are experiencing issues with the installation of the 3manager data collector here is a quick
list on what to check:

o If proxy server is used it might also report issues. We recommend adding the proxy server, user and password
in the data collector during installation if used.

o White list the URL: *.3manager.com. If it's not allowed to whitelist the domain then the following needs to be
whitelisted: services.3manager.com, modelapi.3manager.com, cloudmibwalkapi.3manager.com

o In case it's needed to enter the IP address of the data processing server its: 52.213.181.35. This is the server
where the data collector sends data, activate the license and ask for updates.

o Internally the 3manager data collector will use port 161/162 to communicate with the printers. These are in
most cases already open. If they are not the printers will not be visible for monitoring.

o SNMP version 1 & 2 or 3 needs to be enabled on the printer or it will be invisible for the data collector. Unless
changed, printers are default having SNMP v1-2 enabled.

o Is the data collector installed with local administrative rights?

o If CPU Usage is too high, please go to the section with CPU Usage and Real Time Protection to learn more
about whitelisting of the SNMP processes.

3manager security documentation: 25. Oct 2024 26