...
The inherent architecture of Swarm provides excellent protection against viruses and other harmful software. The only permitted listening services are HTTP, SNMP, NTP, and Swarm's internal Cluster communications. Each of these is protected in the following manner:
- The HTTP server uses Caringo-developed code and is limited to SCSP and web console communications. There is no dynamic CGI, PHP, or other scripting used.
- The SNMP service requires password authentication for all write requests and uses a custom Caringo-developed SNMP agent.
- Any NTP input requires encryption keys to accept unsolicited input.
- All internal Swarm Cluster communication must adhere to Caringo's internal and proprietary protocol which is not published externally.
- In addition to the communication protection of each service, Swarm's embedded OS runs entirely from RAM and has no persistent state across reboots.
In summary, while all systems are potentially vulnerable, Swarm is naturally protected from most of the standard methods of attack.