- Data transmission
- Data storage and deletion
- Experience scripts
- Packet capture
- Software monitoring points
- Audit log
- Administrative data access
AppNeta employs various methods to keep your data secure. In addition, you should make sure that you change the default password on your monitoring points and regularly upgrade the monitoring point software.
Common security-related questions include:
What is the password complexity requirements in APM?
APM passwords must contain a minimum of eight characters and must include uppercase alphabetic, numeric, and special characters. Password length and complexity requirements beyond our standards are supported through the use of SAML where password length and complexity is managed through the SAML IdP.
Does APM enforce password change frequency?
APM User Identity Management does not enforce password change frequency but end users are able to meet this requirement through the use of SAML where password expiry are managed through the SAML IdP.
Does APM enforce session timeouts? If so, for how long?
Yes. If a user session has been idle for more than 10 minutes, their session times out and they are required to re-authenticate to reactivate the session. The exception to this is on pages that stream live data updates, which do not timeout automatically.
How do you prevent brute force attacks? Do you block multiple failed attempts?
After 6 unsuccessful login attempts the message “Too many consecutive login failures, please wait a moment before trying again.” is presented.
- up to 5 attempts are allowed with no delay
- after 5 consecutive failures, a delay of 30 seconds is imposed with the above message presented
- the 30 second delay recurs after each subsequent failure
- all delays or failed attempts reset after the first success
- all delays or failed attempts reset after an hour of inactivity
How does the “ssl-tunnel” program restrict data flow to ensure the data is routed into the correct customer account?
Physical and virtual monitoring points communicate with the APM cloud application over an SSL/TLS tunnel ensuring a secure and encrypted transfer of all information between the monitoring point and the cloud application infrastructure. Within the cloud application infrastructure, each unique SSL/TLS tunnel connection is identified by the GUID associated with the monitoring point. Since each GUID is associated with exactly one organization, we ensure that all of the telemetry data arriving on that tunnel is directed to the data store and/or scheme associated with that organization.
Which security protocols do you allow between APM and the current generation of monitoring points (m25, m35, m50, m70, r45, r90, and r1000)?
On the server side, we are configured with protocol=SSLv2_3 which means it will accept any SSL version v2, v3, TLS1.0, or higher. That said, the current generation of modern monitoring points will always negotiate to the highest protocol level - TLS 1.2.
With regards to encryption and TLS/SSL tunnels, which security standards are used as guidelines?
AppNeta administrators subscribe to vendor, US-CERT, and other industry related vulnerability alerts to ensure that our team remains aware of potential vulnerabilities. We also run Rapid7 vulnerability scans on all releases to ensure that no new vulnerabilities have been created. With regard to TLS/SSL tunnels, we negotiate to TLS 1.2 whenever possible.
Data storage and deletion
How does AppNeta secure stored data?
AppNeta Performance Manager (APM) is hosted on Amazon Web Services. AppNeta uses industry accepted best practices to keep this installation secure. This includes Amazon security groups, firewalled ports, ssh-key based machine logins, and key rotation.
Data access is restricted solely to AppNeta employees, all of whom are under strict confidentiality agreements. Only key engineers may access production data, and then only for the purpose of debugging data-related issues as a last resort. In addition, AppNeta Support may access your web console to provide guidance as a result of specific incidents or requests.
When is data deleted?
Customer data is purged within 90 days of being decommissioned or contract termination.
How does AppNeta delete unneeded or expired data?
AppNeta utilizes NIST SP 800-88 on Data Sanitization as its guideline.
What security mechanisms are used with Experience Workflow scripts?
All Experience workflow script contents, including stored passwords, are encrypted while at rest within the APM database. Transmission of scripts and passwords between APM and the end-user browser is done through a secure channel (SSL/TLS). Password variables (identified by one of the names: “password”, “passwd”, “pwd”, or “secret”) are masked within the script editor.
What security mechanisms are used with packet captures?
APM uses standard encryption practices to ensure that the information in your packet captures is securely transmitted and stored.
Captures are uploaded to the Capture Server via SSL where they are encrypted using an AES 256-bit key prior to their transfer to Amazon S3. The symmetric key used for encryption is based on a per-monitoring point, user-defined passphrase. A one-way SHA-1 hash of the passphrase is stored only on the monitoring point.
Captures must be decrypted using the symmetric key created from the passphrase. You are prompted for a passphrase once per monitoring point per login session; the passphrase is cached only for the duration of the login session. The actual download is via SSL.
As part of monitoring point decommissioning (typically occurring when a monitoring point is deleted), the passphrase and packet captures that have not yet been uploaded are cleared. If the monitoring point is no longer being used for packet captures, but you aren’t decommissioning it, a separate clear passphrase function is available.
Software monitoring points
What security mechanisms are in place for communications with the s35 software sequencer?
Linux-based software monitoring points run as root and require outbound connections to APM servers to report the timing data and to download software updates. Timing data is sent back to APM via HTTPS. Software packages are downloaded from the upgrade repository via SSL. For the specific ports and protocols that are required by software monitoring points, see the Firewall Configuration page.
How can I tell what actions APM users performed?
The APM audit log file contains records of all actions performed on APM, when they were performed, who performed them, and where they were performed from. The .csv format audit log can be downloaded for review.
Only Organization Admins can download the audit log.
To download the audit log file:
- Navigate to > Download Audit CSV
- Specify the date and time range to download.
- Specify the organizations to download records for.
- Click Download.
- Open the downloaded .csv file.
Administrative data access
What is the access policy for AppNeta admins?
Access to systems and customer information in the AppNeta Performance Manager (APM) is controlled using a policy of need-to-know/least privilege. Access to all aspects of the application and supporting systems is reviewed quarterly to ensure access and access levels are appropriate. At the time of an employee role change or termination, access decommissioning procedures are executed as required.