Intro: General Security Information

Skies provides several layers of infrastructure and content security.

Step 1: Domain Setup

In order for remote users to reach your on-premise Strawberry system trough Skies, you will need to decide on a URL under which this system can be reached.

Step 2: Firewall Configuration

For the Strawberry server to connect to Skies, you don’t need to open up firewall ports for incoming traffic but you need to make sure that your Strawberry server can connect to the relevant AWS IP ranges from behind the firewall (outgoing traffic). Since AWS IP ranges can be changed by Amazon, it is recommended to automatically update the configuration using the methods described by Amazon.

Step 3: Connecting Strawbery to Skies

Once the above steps are performed, Projective will provide you with a Skies API key that needs to be placed into a configuration file. Within this configuration file, you will also need to provide the domain name(s) under which your Strawberry system should be reachable via Skies. The example configuration file “skies.yml.example” can be found within the “/app/fsbase/config” directory on your Strawberry server. Once the file is in place, Strawberry services must be restarted.

Step 4: Providing Strawberry Users & Teams with Skies-Access

Users can only connect to the on-premise system through Skies if an Administrator has set the respective permission for their user accounts. Admins can set that permission for individual users or for entire teams.

Please note that users connecting trough Skies require a strong password. Users attempting to login trough Skies with weak passwords are rejected & prompted to reset their passwords via an Email reset link. Therefore, it is recommended to add an email address to each Skies-enabled user account.

Last modified: Apr 08, 2020

Need more help with this?
Visit the Projective Support Websites

Thanks for your feedback.