This page offers technical information about the Think Wrong Lab (the Lab) for IT staff.
Architecture
The Lab is a cloud-based multi-tier deployment, each tier is decoupled from the other.
The primary web interface—the front end—is hosted on a high availability service that supports multiple devices on modern browsers - we've tested at Internet Explorer 11.5 and above, Edge, Chrome, Firefox, Safari, iOS, and the Android browser on an Amazon Fire device. This layer primarily runs javascript to render data retrieved from a secure web service (our middle tier), certain non-client specific static content e.g. help and learn sections are served directly from this platform.
The Lab runs on the HTTPS protocol and downloads external javascript libraries and CSS files over HTTPS.
The mid-tier is hosted on high availability, scalable servers. It is written in Java. The tier is fronted by a secure web service that only accepts requests from known sources. The single point of entry acts as a security choke point, assuring that only authorized users can access the services - passwords and session keys are SALTed, and are validated on each service request.
The web service returns JSON or formatted HTML over HTTPS directly to the client browser to be rendered.
The back-end—data is persisted in a high availability non-SQL database, the database is backed up daily. Back-ups are stored for 5 days. The database is only accessible from known IP addresses. Data is transmitted over HTTPS.
Images are stored in Cloudinary, and those images are only accessible from named domains. Data is retrieved over HTTPS.
Security
The Lab uses user, role, and instance-based security to access data. That is to say depending on who you are and what your role is in relation to a particular instance of the data determines what you can see, and what you can do to that data.
Performance
The Lab has been built on scalable infrastructure whose resources expand and contract with demand. The 'chatty layers' are co-located in the same data center. The front end is distributed via a CDN, as are images.
Availability
With any multi-tiered approach, any one of the layers can be a single point of failure if that service goes down, that said we use services with a good track record of availability, but there are times when the availability of the Lab is beyond our control. As with other cloud-based services occasionally the Lab may experience interruption as new software is deployed - we attempt to keep this disruption to a minimum for our users.
Requirements
By being browser-based, the Lab is designed to reduce the burden on client organizations, however, we do require minimum browser levels to assure full functionality—and encourage and advise our clients to use up-to-date modern browsers on up-to-date modern operating systems.
The Lab has been tested on Internet Explorer 11.5, Edge, Chrome, Firefox, Safari, iOS, and the Android browser on an Amazon Fire device.
Users must be connected to the internet with acceptable upload and download speeds to assure functionality.
Client firewalls must allow access to thinkwrong.com, www.solvenext.com, www.solvenext.cloud, and api.cloudinary.com.