Training Platform Technical Details
A key component of employee engagement relies on your users being able to seamlessly interact with video content and digital puzzles on and through our Online Training Platform. In an effort to support a seamless launch and successful rollout within your organization, please review the following technical details we have put together to maximize employee engagement within our Platform.
Topics covered here:
- Browser Compatibility
- Email Whitelisting
- URL Whitelisting
- VPNs, Corporate Network Policies and Bandwidth
- SSO Details
- User Provisioning
The Living Security Training Platform is designed to work with most browsers but we currently only support the latest version of Microsoft Edge, Google Chrome. The Platform utilizes libraries which may not support some older versions of browsers or specific features of certain browsers, including Internet Explorer (IE).
If the majority of your company is using any older versions of these browsers - or alternative browsers like IE - please let us know right away as we are happy to work with you on messaging. If your IT department is needed to help facilitate this switch, our goal would be to start this process immediately to avoid any delays in timeline.
The Training Platform is able to send training invitations, notifications, and other emails directly to participants. To ensure these emails do not get flagged, blocked of filtered as a phishing or spam email, please whitelist our IP address:184.108.40.206
All traffic for the following URLs need to be whitelisted before training is rolled out:
- app.livingsecurity.com port 443
- identity.livingsecurity.com port 443
- livingsecurity.com port 443
- *.livingsecurity.com port 443
- *.*.livingsecurity.com port 443
- *.contentful.com (specifically cdn.contentful.com) port 443
- *.cloudinary.com (specifically living-security-res.cloudinary.com)
This will cover the various URLs we use for videos and game play, most importantly:
- Use this link to check images: https://cdn.cyberescape.livingsecurity.com/image/DITL_GenUser2-SHWG2Cbw.jpg
- Use this link to check video loading: https://cdn.cyberescape.livingsecurity.com/video/Phishing_IRL_Ep1_pt1_3mbps.mp4
- The custom URL hosting your Training Platform which will be: "companyname".livingsecurity.com
- External sites users will be accessing
VPNs, Corporate Network Policies and Bandwidth
These items in conjunction with each other can cause slow load times for training videos and at times, completely block a training video from opening. There is not one magic setting to prevent this since every company, user and machine has different settings and restrictions. However, you should ask if deep packet inspection and/or bandwidth restrictions are in place that prevent the successful delivery of video content from our CDN: https://cdn.cyberescape.livingsecurity.com.
Note: At this time we do not support adaptive bitrate streaming.
Also, ensure network policies support TLS 1.2 for traffic at https://cdn.cyberescape.livingsecurity.com. Although we support TLS 1.3 for the root application (your unique URL) our CDN https://cdn.cyberescape.livingsecurity.com does not currently support TLS 1.3
To ensure SSO is completed in a timely manner, you will need to provide us your IDP metadata and signing certificate. Only update for the IDP metadata is the nameid with format emailAddress. You will need our SP metadata and signing certificate. It’s available upon request.
We support all SAML 2.0 identity providers and OIDC identity providers. With Okta, you can choose which you prefer to use. Since you we don't support IDP initiated SSO at this time (where you click on a chicklet inside Okta to automatically login to our application), please have the chicklet redirect to your Living Security platform (https://app.livingsecurity.com) and the employee can click the sign-on button there to initiate SSO.
SSO Steps to Get Started:
- Provide IDP Metadata in .txt format
- Provide Signing Certificate in .pem or .cer format (can be sent as .txt format but must originate as .pem or .cer)
- Provide a list of email domains you intend to use
You can provision users for the Training Site three ways: