Submit a ticketCall us

Welcome to the NEW Success Center. Search all resources (documentation, videos, training, knowledge base articles) or browse resources by product. If you are unable to find what you are looking for, please contact us at customersuccess@solarwinds.com

 

 

 

 

Home > Success Center > Netflow Traffic Analyzer (NTA) > NTA Flow Storage Database security and penetration testing

NTA Flow Storage Database security and penetration testing

Table of contents
Created by Daniel Polaske, last modified by MindTouch on Jun 23, 2016

Views: 705 Votes: 0 Revisions: 4

Overview

This article provides brief information on requirements on security of the NTA Flow Storage Database when deploying the NTA Flow Storage Database.

Environment

NTA version 4.x or later

Detail

The NTA Flow Storage Database is nearly the same as the Fastbit database (https://sdm.lbl.gov/fastbit/) with the exception of settings particular to NTA deployment such as an updated schema with the flow information columns, (source/destination IP address, other flow template columns, etc.)

The FastBit DB doesn't contain any sensitive data other than what is in the flow data itself (which is also transmitted from device to collector in unencrypted UDP).  All logins, passwords, other secured data is still stored in SQL and protected by the MSSQL solution.  Please also note that FastBit doesn't support DELETE or DROP operations, so SQL injection is unlikely.

Every major release of NTA (as well as any other SWI product) goes through the Security Testing phase when product is checked for vulnerabilities and threats.

 

 

Last modified
20:55, 22 Jun 2016

Tags

Classifications

Public