Security Considerations

The Honeywell Voice Maintenance & Inspection Solution provides support for several methods of securing data communication. The following section shows how to configure the solution to use secure methods of transmission.

Options for Securing the Implementation

Voice Inspection Solution Security Options

  1. Assignment import – an inbound web service transmission from the host system to VoiceCheck. Secure this data by configuring a server certificate on the VoiceCheck server and using an HTTPS inbound URL.
  2.  Results export – an outbound web service transmission from VoiceCheck to the host system. Secure this data by configuring a server certificate on the host system and enabling HTTPS authentication in the Post Assignment Results Web Service Settings on the System Configuration page of the VoiceCheck GUI.

    Results import – an inbound web service transmission from the host system toVoiceCheck. Secure this data by configuring a server certificate on the VoiceCheck server and using an HTTPS inbound URL.
  3. User authentication – an option to use an existing directory server to authenticate VoiceConsole and VoiceCheck users. Set this option on the System Configuration pages of VoiceConsole and/or VoiceCheck.
  4. VoiceConsole web pages – the GUI pages served from Apache Tomcat to the client browser. Secure the web pages by selecting the Enable HTTPS Support option during the VoiceConsole installation and entering the certificate keystore information in the Tomcat configuration file.
  5. VoiceCheck web pages – the GUI pages served from Apache Tomcat to the client browser. Secure the web pages by selecting the Enable HTTPS Support option and entering the certificate keystore information during the VoiceCheck installation.
  6. VoiceConsole Embedded Database – a remote connection to an embedded database can be configured to use SSL (Secure Socket Layer) encryption. Secure this remote connection by installing a certificate and modifying a number of properties in the Apache Tomcat database.properties file. This option is not available for Microsoft SQL Server or Oracle databases and is not necessary for databases deployed on the same physical machine as the application server. See the VoiceConsole Implementation Guide for details.
  7. VoiceConsole device communications – wireless communications secured by WEP, WPA or WPA2 protocols, and data transmission from Talkman devices to VoiceConsole secured by HTTPS. Set both security options in Device Profiles in VoiceConsole.
  8. VoiceCheck device communications – data transmission between Talkman devices and VoiceCheck secured by Transport Layer Security (TLS/SSL) encryption. Install a certificate on the VoiceCheck application server, then select this option when creating a Task Package in VoiceConsole.Wireless network authentication – an option to deploy Extensible Authentication Protocol (EAP) to define data message formats for secure wireless communications among Honeywell solution components. Configure EAP on a site-wide basis by modifying the site in VoiceConsole.

Other communications shown in the graphic have security options that are not controlled within the Honeywell Voice Maintenance & Inspection Solution. The VoiceCheck database should be deployed on the same physical network segment as the VoiceCheck application server, so wired network security can protect this data transmission as well as data sent between VoiceConsole and its local database. The Talkman device connects to a display device using HTTP and to SRX3 headset via Bluetooth v5.

Supported Authorities