Insight Security

The 7.3.1 release of OnCommand Insight introduced security features that allow Insight environments to operate with enhanced security. The features include improvements to encryption, password hashing, and the ability to change internal user passwords and key pairs that encrypt and decrypt passwords. You can manage these features on all servers in the Insight environment.

The default installation of Insight includes a security configuration where all sites in your environment share the same keys and the same default passwords. To protect sensitive data, NetApp recommends you change the default keys and the Acquisition user password after an installation or upgrade.

Data source encrypted passwords are stored in the Insight Server database. The Server has a public key and encrypts passwords when a user enters them in a WebUI data source configuration page. The Server does not have the private keys required to decrypt the data source passwords stored in the Server database. Only Acquisition Units (LAU, RAU) have the data source private key required to decrypt data source passwords.

Rekeying servers

Using default keys introduces security vulnerability in your environment. By default, data source passwords are stored encrypted in the Insight database. They are encrypted using a key that is common to all Insight installations. In a default configuration, an Insight database sent to NetApp includes passwords that could theoretically be decrypted by NetApp.

Changing the Acquisition user password

Using the default 'Acquisition' user password introduces security vulnerability into your environment. All Acquisition Units use the “Acquisition” user to communicate with the Server. RAUs with default passwords can theoretically connect to any Insight server using default passwords.

Upgrade and installation considerations

When your Insight system contains non-default security configurations (you have rekeyed or changed passwords), you must back up your security configurations. Installing new software, or in some cases upgrading software, reverts your system to a default security configuration. When your system reverts to the default configuration, you must restore the non-default configuration in order for the system to operate correctly.

Managing keys in a complex service provider environment

A service provider can host multiple OnCommand Insight customers collecting data. The keys protect customer data from unauthorized access by multiple customers on the Insight server. Each customer's data is protected by their specific key pairs.

This implementation of Insight could be configured as shown in the following illustration.

You need to create individual keys for each customer in this configuration. Customer A requires identical keys for both RAUs. Customer B requires a single set of keys.

The steps you would take to change encryption keys for Customer A:
  1. Perform a remote login to the server hosting RAU1.
  2. Start the security admin tool.
  3. Select Change Encryption Key to replace the default keys.
  4. Select Backup to create a backup zip file of the security configuration.
  5. Perform a remote login to the server hosting RAU2.
  6. Copy the backup zip file of the security configuration to RAU2.
  7. Start the security admin tool.
  8. Restore the security backup from RAU1 to the current server.
The steps you would take to change encryption keys for Customer B:
  1. Perform a remote login to the server hosting RAU3.
  2. Start the security admin tool.
  3. Select Change Encryption Key to replace the default keys.
  4. Select Backup to create a backup zip file of the security configuration.