The snowcone and the snowball are similar in their size and construction with regards to the casing compared to that of the snowmobile which is in a class of its own, I mean it comes on a Truck!  

So let me talk about the Snowcone and Snowball for a moment.  These two hardware appliances share some key features between them that I want to highlight.  

When transferring data to these devices it is automatically encrypted to protect the data.  This encryption is backed by keys generated by the Key Management Service (KMS).  To enhance the security of the device, the encryption keys are not stored on the device during transit.  If you would like to learn more about the Key Management Service, then you can see our existing course here. 

Following on from encryption, another security feature that these devices have in common is that their enclosure is Anti-tamper in addition to specific verification checks on the boot environment when the device is first switched on.  These measurements and checks help to validate the integrity of the data to ensure that it has not been interfered with at all during transit.

In addition to their enclosure being secure by design, it is also highly rugged and able to withstand the harshest of environments, for example, the snowcone can operate in conditions of -32ºC/-25.6ºF to 63ºC/145.4ºF. It’s all windproof, dustproof and water-resistant!  The enclosures are designed to withstand operational vibrations and shockproof should you drop the device.

Each of the snow devices uses an E Ink shipping label which is pre-loaded with the delivery details entered on the associated job.  When the snow device leaves AWS premises it can be tracked via SNS, text messaging and the AWS Management Console.  When the device is prepared to be returned to AWS premises, the E Ink automatically updates with the appropriate location

As these devices are packed full of data, it’s essential that the data is deleted once the transfer has been completed and the snow device is no longer required.  As a result, AWS carries out a secure erase which meets the National Institute of Standards and Technology, more commonly known as NIST for the sanitization of the media and storage. 

Before I finish this lecture I just want to point out a couple of features related to the snowmobile. 

Each snowmobile is sent with a connector rack allowing you to connect it to the backbone network of your own data center, as a result, this rack comes with up to 2 kilometers of network cabling.

The Snowmobile is designed to operate within ambient temperature up to 85F (29.4C).  If the temperature exceeds this then an additional auxiliary chiller unit can be supplied by AWS following a site assessment survey.  If there isn’t sufficient power to feed the snowmobile at the data center then AWS can also send a separate generator to power the snowmobile, however, this requires the same space required to home a snowmobile.

As with the Snowcone and snowball, the snowmobile also encrypts data backed by the Key Management Service.  Also, the snowmobile is only ever operated by AWS personnel and can also be escorted by an additional security vehicle during the transit of the container to and from premises, in addition to having GPS tracking available.  As added security, the container is also protected via 24/7 video surveillance systems and alarms.