The gateway is running Ubuntu 20.04
In order to guarantee the well functioning of the system we can not provide root access to the gateway.
Data transfer & storage
The UWB packets that are being sent by the tags are not encrypted as they do not contain any sensitive information: They contain the tag ID (= uniquely identifying a tag), the blink index (= an auto incrementing number), and optionally some accelerometer sensor data.
The UDP packets that are being sent by the anchors to the gateway are not encrypted as they do not contain any sensitive information. They contain the same information as the UWB packet, but with an additional timestamp of when the packet was received by the anchor. Adjusting configuration settings of the anchors also happens using UDP packets. For security reasons, anchor firmware updates are encrypted before being sent over UDP.
All the data going to the cloud is transferred over a TLS connection. A complete description of how data is transferred between the gateway and the cloud can be found here: Data transfer & storage.
By default, the gateway only stores configuration data. If you enable analytics it will also store post-processed positioning data. A complete description of which data is stored where can be found here: Data transfer & storage.
No, the data on the gateway is not encrypted.
When you enable analytics the gateway will store post-processed positioning data which can be downloaded through our Analytics HTTP API: HTTP API reference. It is however not possible to store unprocessed positioning data on the gateway. If you want to store the unprocessed data, you can do this by logging the data from the MQTT API, as described here: Logging data from the MQTT stream.
The cloud will only store configuration data, never positioning data. A complete description of which data is stored where can be found here: Data transfer & storage.
The data is stored at AWS.
To connect to the system via the internet you will need a Pozyx user account, which in turn has a specific role assigned to it (= role-based access control (RBAC)). There are 3 roles:
Guest: Has only access to the visualization, can not edit anything.
Managers: Can make changes to the system but can not control the access of other users.
Owner: Can make changes to the system and can control the access of other users.
To connect to the system via the gateway directly (= via the local network), no authentication is needed.
We make use of short lived JSON Web Tokens (JWTs) for maximum security.
Yes, we use bcrypt.
No, at the moment we do not offer 2FA.
No, at the moment we do not offer any SSO integration.
Information about the anchor’s LED can be found here: https://docs.pozyx.io/enterprise/Mounting-the-anchors.1243152417.html#Mountingtheanchors-Validatingtheanchors.
The hardware versions of all your anchors can be easily checked under the tab devices → UWB devices:Anchors.
Anchors within the same main version number (e.g., 1.x, 2.x, etc.) are interoperable. This means that anchors with version 1.x cannot be used with anchors that have version 2.x. However, a system with anchors of different subversions within the same main version (e.g., v2.0, v2.1, and v2.2) will work perfectly together.