Submit a ticketCall us

Solarwinds & Cisco Live! Barcelona
Join us from the 29th of January to the 2nd of February at Cisco Live 2018 in Barcelona, where we will continue to show how monitoring the network with SolarWinds will keep you ahead of the game. At our booth (WEP 1A), we will demonstrate how SolarWinds network solutions can help. As a bonus, we are also hosting a pre-event webinar - Blame the Network, Hybrid IT Edition with our SolarWinds Head Geek™, Patrick Hubbard on January 24th - GMT (UTC+0): 10:00 a.m. to 11:00 a.m. There's still time to RSVP.

Home > Success Center > Archive > 2017December28 - Deletes > NTA Flow Storage Database security and penetration testing

NTA Flow Storage Database security and penetration testing

Table of contents
Created by Daniel Polaske, last modified by Jessica Solis on Dec 28, 2017

Views: 794 Votes: 0 Revisions: 5

Overview

This article provides brief information on requirements on security of the NTA Flow Storage Database when deploying the NTA Flow Storage Database.

Environment

NTA version 4.x or later

Detail

The NTA Flow Storage Database is nearly the same as the Fastbit database (https://sdm.lbl.gov/fastbit/) with the exception of settings particular to NTA deployment such as an updated schema with the flow information columns, (source/destination IP address, other flow template columns, etc.)

The FastBit DB doesn't contain any sensitive data other than what is in the flow data itself (which is also transmitted from device to collector in unencrypted UDP).  All logins, passwords, other secured data is still stored in SQL and protected by the MSSQL solution.  Please also note that FastBit doesn't support DELETE or DROP operations, so SQL injection is unlikely.

Every major release of NTA (as well as any other SWI product) goes through the Security Testing phase when product is checked for vulnerabilities and threats.

 

 

Last modified

Tags

Classifications

Public