Alta Labs’ cloud-based management platform is included with the purchase of Alta Labs products at no additional cost. It powers thousands of devices from small home and office configurations to large-scale enterprise installs. Our customers deserve peace of mind regarding the security of their networks and the policies and infrastructure in place to ensure that security carries into managing network policy.
Alta Labs does not route any customer network traffic processed by Alta Labs Wireless Access Points, Network Switches, Routers, Gateways, etc. through its cloud infrastructure. Only customer network configuration information is stored in our cloud management platform. Configuration information is not stored in our cloud for the Control hardware or self-hosted software. Alta Labs devices do not need consistent access to our management platform to operate properly. They only require access when a site administrator or user wants to change network policy, view the network status, or run utilization reports.
Alta Labs does not store any configuration data in the cloud for the self-hosted version of Control.
Our security efforts are led by our top-level team of Alta Labs employees, including our CEO Chase Harrison, CTO Jeff Hansen, and Principal Architect Chris Buechler.
The Alta Labs Control management platform can be accessed via our cloud portal at manage.alta.inc, via our Control network controller hardware solution, or our downloadable self-hosted local controller software.
| Icon | Topic |
|---|---|
|
Topics that only apply to our Cloud Portal will have a Cloud icon |
|
Topics that only apply to our local controller will have a Control icon |
|
Topics that an independent security contractor periodically audits have the Audited/Check icon |
The Alta Labs cloud management platform is deployed with AWS (Amazon Web Services) to provide our customers with highly secure, scalable, redundant, and globally accessible network configuration. Cloud Services are implemented following the: AWS Shared Responsibility Model
Alta Labs Cloud Portal is contained within AWS Virtual Private Clouds (VPCs), restricting public access to critical internal services. Services are implemented using AWS Best Practices and distributed across multiple availability zones for redundancy.
All user traffic handled by Alta Labs access points and switches is bridged within the Local Area Network that it originated from. In the case of a user-configured IP tunnel, user traffic is only routed to/from the user’s configured tunnels.
Alta Labs does not monitor user traffic.
All user traffic handled by an Alta Labs Router is routed within the user’s connected networks and is not monitored by Alta Labs.
The Alta Labs management platform is designed to restrict all management traffic (including portal authentication/management and network configuration) to a minimum TLS 1.2 protocol level with high-grade asymmetric and symmetric encryption, always using a publicly verifiable SSL certificate. Self-signed certificates are not used or supported under normal circumstances.
Within Alta Labs, access to production environment configuration and deployment is reserved on a need-to-know basis. Those with access require significant tenure within the company and must pass background checks.
All data within Alta Labs management platform databases is encrypted at rest. See the Encryption data section.
Amazon RDS (Amazon Relational Database Service) is deployed to automate tasks such as provisioning, configuring, backing up, and patching. Data is protected with encryption whether at rest or in transit. Databases are encrypted using keys managed through AWS Key Management Service (AWS KMS). Alta Labs is utilizing this architecture as it is well known and has a track record of reliability and security.
Data is stored, encrypted at rest, and protected in an ISO-27001-compliant data center. Data is partitioned in the database in such a way that one customer cannot access another customer's data without an explicit invite. The invite has to come from the customer who runs the site. Logs are also encrypted at rest and deleted after 90 days.
Amazon Cognito ensures customer identity and access management with flexible sign-up and sign-in. Scalable to millions of users and hundreds of transactions per second, Amazon Cognito is used in conjunction with SRP (Secure Remote Password) for authentication.
MFA (Multi-Factor Authentication) can also be employed for an extra layer of protection. App-based authentication using an Authenticator App can be set up or SMS-based authentication with verification done via text/SMS.
There is logical separation based on authentication tokens. The Alta Labs environment is a multi-tenant environment with logical separation between users. Customer data is segregated at the application level using unique IDs combined from several parameters.
The Alta Labs management platform is designed to restrict all management traffic (including portal authentication/management and network configuration) to a minimum TLS 1.2 protocol level with high-grade asymmetric and symmetric encryption, always using a publicly verifiable SSL certificate. Self-signed certificates are not used or supported under normal circumstances.
99.99% Uptime for our cloud-based management platform. The platform is monitored 24 hours a day, 7 days a week. Engineers are notified immediately upon any service interruption.
Alta Labs requires all users to log in to the management platform. Simply sign in with an email address and password or use a Google or Apple SSO. App-based or SMS-based multi-factor authentication can be enabled for additional security. SSH is available for local device control, but is protected via SSH key authentication. SSH password authentication is not supported for increased security.
Discrete services.
Cloud services are compartmentalized into discreet, purpose-built systems. Each system is only authorized to perform the task for which it was built, and logs are monitored to ensure that focus is maintained.
Privilege separation: Unprivileged users.
To prevent unauthorized privilege escalation, controller, database, and other services operate using non-administrator accounts.
At Alta Labs, our commitment is to elevate your network by providing secure, high-performance, and feature-rich networking solutions. Our user interace, firmware development, and release strategy is built around this mission, ensuring that every update delivers value, reliability, and stability to your network.
Auto-update is enabled by default on all new sites, and free updates are included with all Alta Labs products for the lifetime of the device(s). We recommend leaving this enabled, as it allows all Alta Labs users to benefit from the latest features, incremental improvements, and bug-fixes as our development team identifies and implements them. Even though auto-update is optional, our release track record has allowed us to maintain that 98% of all sites and 95% of all devices remain configured on auto-update, by user’s choice.
We believe in rapid innovation—without compromising on quality. New features and updates are deployed frequently to our internal test sites where they undergo extensive vetting. These sites vary widely in size, complexity and geolocation. These deployments ensure that each firmware version meets our rigorous burn-in and quality assurance standards before it reaches your devices.
This process can result in one to multiple production firmware releases within a single week. This cadence allows us to stay ahead of emerging threats, respond quickly to user feedback, and consistently improve your network experience.
Once a firmware version passes internal validation, we will adhere to the following documentation schedule:
In rare cases where immediate action is needed to resolve a critical security issue or stabilize the platform, we may release firmware ahead of finalized release notes. This ensures your network remains protected and performant under all circumstances. It also gives users time to validate new releases before rolling it out more widely.
Alta Labs is proud to provide top tier, free technical support available via the following methods:
If using the Contact Us, Email, Phone, or Online chat methods, please only use one initial method so that we may create a unique case number to track your support needs.
It is critical that technical support troubleshoot with you if you suspect that there is a hardware failure. The ticket number you will receive is a requirement to obtain an RMA. If you do not have a ticket number accompanying an RMA, there is a chance your RMA claim may be denied.
If you believe you’ve found a bug with one of our products or services, please use one of the aforementioned communication methods to report it so we can attempt to reproduce the issue and report it to the development team.
If you have a question about how to obtain a particular outcome that is not design related nor covered in our Help Center linked above.
If you believe there is a gap in the Help Center, please feel free to recommend an article. The Support Team writes the articles, so you’ll be recommending an article directly to the people who will be authoring the article.
If you are inquiring about a product that you do not yet own, it is most likely a presales question and would be best served by our sales team. They can be reached at sales@alta.inc or by phone at 866-592-3777 (Mon-Fri, 8am-5pm, Mountain Time). If the query is too technical for our sales staff to answer, they will collaborate with the Alta Labs technical support team to provide the best answer.
Share your request on the Feature Requests section of our community for best results. Alta Labs is very community driven and submitting your request to the community allows others to vote on the request.
Send an email to rma@alta.inc. When doing so, please make sure you reference your RMA number. If you have not yet received an RMA number, please reference your ticket number.
Our Support Team is provided to help troubleshoot any issues you may encounter setting up or using our products. If you’d like assistance designing a network, we recommend that you contact a network installation professional. Installers and distributors in your area can be found from our Where to Buy page. If you have any trouble locating a network professional, feel free to reach out to our Sales team at sales@alta.inc and we will do our best to help you track one down.
As noted in the section above, “When to Contact Technical Support”, our primary purpose is to help provide assistance troubleshooting any product that you are installing or having issues with. Our team is also happy to provide configuration advice, limited configuration assistance via verbal or written instruction or access to your site(s) to demonstrate and/or provide training within the narrow scope of the objective to our customers on a particular path to a desired configuration.
When contacting Alta Labs via phone or chat, we strongly recommend providing an email address that you check frequently so we may follow up easily if necessary. We do not send SPAM; your email address will be kept secure.
Alta Labs Support Staff will help troubleshoot any bugs or suspected bugs with firmware, the cloud-based controller, or the local controller on a Control appliance. If a bug is reproducible, we will log it and queue it to be fixed.
Alta Labs Support Team will support Alta Labs equipment to a point that the representative deems that the Alta device and/or Alta configuration is correct and/or that the issue is upstream from the Alta device(s) or if the issue is caused by a downstream device or devices. This determination will solely be based on comparable systems with a reasonably similar configuration that are functioning as intended. Should that be the case, the representative will inform you as such and may, at their discretion, provide a general overview of the steps needed on any upstream device(s) to achieve the desired configuration. Alta Labs makes no guarantee of 100% accuracy of terminology or advice for equipment outside of the Alta Labs ecosystem. If you need further assistance, we welcome you to post your inquiry in our Community Forum and provide other customers with the opportunity to assist with any third-party configuration questions. Should your case involve third party hardware, we recommend also reaching out to that vendor’s support program.
Alta Labs will provide support via the online community only for the following technologies and products:
* - Abuse of support platforms includes but is not limited to:
** - Abuse of support team members is contextual and does not have a hard definition. A tech support engineer will notify the Director of Customer Solutions for Alta Labs or other leadership of the alleged abuse who will then investigate the report. Should the Director of Customer Solutions or other leadership concur with the engineer’s assessment, the Director will reach out to you directly. In short, reasonable courtesy should be extended to all parties at all times. Additionally, should you obtain a specific employee’s email address, please do not contact them directly for support. All email inquiries should be directed to support@alta.inc
Please note that the Scope of Support terms are subject to change without notice
Alta Labs sources only from top-tier, well-established suppliers for our chipsets and other components. We work exclusively with companies such as Qualcomm, Samsung and Texas Instruments, whose products meet the highest standards for security and performance. This allows us to deliver products that are both reliable and secure for our users.
If you have any questions or concerns about your information, privacy, or any of the details discussed here, please feel free to contact us:
Email us at privacy@alta.inc.
You can also reach us via mail at:
Alta Labs
192 N Old Hwy 91 Unit 1
Hurricane, UT 84737
Or contact us directly by phone at: