Your security is important to us!!

Like many SaaS offerings, NetAnalytics stores data in a cloud-hosted, multi-account environment. We follow industry best practices in every aspect of secure data collection and storage.

NetAnalytics servers use an industry standard four-tier architecture, with security protocols at every layer. Even if someone gained unauthorized access to our system, the risk of them being able to compromise all four layers to see or make use of customer data is extremely low.

As soon as information from a network reaches the NetAnalytics system, it’s partitioned in such a way that it’s impossible for data to cross from one account to another.

At NetAnalytics, we make it impossible for non-approved employees to access customer information. Systems holding customer data are not exposed publicly and can only be accessed by authorized personnel through a controlled access mechanism. As well, we regularly rotate credentials based on industry best practices.

Security Architecture

Secure Collector

Using NetAnalytics begins with installing the NetAnalytics collector on a network. The collector is a piece of software code that uses different protocols to collect information about the network, such as topology details, configurations, and network statistics. The collector summarizes and sends that information to the NetAnalytics servers in the cloud over encrypted connections.When you deploy the NetAnalytics collector to a network, it’s uniquely configured to be associated only with the account that created it. There’s no way another NetAnalytics customer account can communicate with a collector you’re using, either accidentally or purposefully. The collector only establishes outbound connections; our cloud servers cannot establish an inbound connection.

Secure Communication

NetAnalytics uses these communication protocols to communicate with networks and cloud-based sources of network data:

•HTTP(S)

• ICMP

• mDNS

• NetFlow

• SMB

• SNMP

• SSH

• Syslog

• Telnet*

• TFTP

• UPnP

• WS

Secure Information Processing

  • NetAnalytics collects the authentication credentials of network devices.
  • NetAnalytics logs the configuration data of network devices.
  • NetAnalytics collects anonymized network metadata.
  • NetAnalytics doesn’t see any traffic content sent through a network.

A feature called NetAnalytics TrafficInsights™ allows you to troubleshoot network performance problems by collecting metadata about traffic flowing through the network. This metadata includes source address, source port, destination address, destination port, and amount of data transferred.

Secure Network Information

NetAnalytics uses the information gathered by the collector to deliver product features. For example, the information is used to draw a network map, create device profiles for inventory, and log device configurations.

NetAnalytics analyzes, distills, and visually renders network information, then shows it to your approved users through a secure login from a web browser.

Secure Access Control

Role-based access controls

NetAnalytics offers granular role-based access controls. Each user is designated a specific role on each client account. As a starting point, NetAnalytics offers seven preset roles. You can tailor each of these presets, as well as add custom roles you build yourself.

NetAnalytics Application Programming Interface (API) access

NetAnalytics exposes a set of APIs for customers and third-party integrators to tap into. Data accessed through the API is requested through a specified username and bearer token and is scoped to the set of client networks the user has access to.

For system-driven integrations, NetAnalytics also provides the ability to create an API-only user that revokes the ability to access any data through the NetAnalytics interface other than the user’s profile information.

Bearer tokens can be (re)generated or revoked from within a user’s profile.

NetAnalytics support access

NetAnalytics support team members usually need at least read-only access to your account to investigate and troubleshoot issues. You can grant the NetAnalytics support group one of three access levels:

1) Read-only

2) Admin (read/write)

3) No access

These access levels can be set globally (across all clients) or per client. The default access level is read-only.

Single sign-on

NetAnalytics provides single sign-on capabilities through two industry standards:

1) SAML 2.0

2) OAuth 2.0

SAML integration with an identity provider like Microsoft’s Azure Active Directory enables you to manage authentication from a central location and to use more advanced policies through your identity provider. You can choose who has to use SAML authentication.

If SAML authentication isn’t enforced, users can enable single sign-on with the OAuth protocol through Google’s G Suite or Microsoft’s Azure Active Directory. This can be set up after receiving their initial invitation to NetAnalytics or later through their user profile.

Two-factor authentication

For additional security, NetAnalytics requires two-factor authentication for all users that don’t use single sign-on. NetAnalytics two-factor authentication uses the time-based one-time password (TOTP) algorithm. TOTP ensures compatibility with mobile apps like Microsoft Authenticator, Authy, and Google Authenticator.

Secure Data Center

Physical security

NetAnalytics is hosted on Google Could Platform (GCP). Google’s physical and operational security processes are documented in Amazon Web Services: Overview of Security Processes, which outlines AWS data center controls such as:

• Physical and environmental security

• Fire detection and suppression

• Power

• Climate and temperature

• Storage device decommissioning

• AWS uses the techniques detailed in NIST 800-88 (“Guidelines for Media Sanitization”) as part of the decommissioning process.

Amazon’s fault-tolerant infrastructure design

Core applications are deployed in an N+1 configuration so that in the event of a data center failure, there’s sufficient capacity for traffic to be load-balanced to the remaining sites.

• Certification

AWS holds numerous security certifications, which can be reviewed at https://aws.amazon.com/compliance/.

Security monitoring

NetAnalytics monitors its production environment through a variety of means including log aggregation and monitoring, intrusion detection, and daily audits of the platform to ensure a strong security posture and a proactive approach to potential threats.

Application security

NetAnalytics’s software is developed and tested following the principles set out in the Open Web Application Security Project (OWASP) Top Ten framework to help ensure no vulnerabilities are deployed into production.

Vulnerability management and patching

NetAnalytics tests all code for security vulnerabilities before release, and regularly scans its network and systems for vulnerabilities.

Patches go through a quality assurance process before being scheduled for deployment. Critical and high vulnerabilities are released as hot fixes outside of the regular deployment schedule.

We use a third party to conduct annual vulnerability scans and penetration tests against NetAnalytics’s software.

Endpoint protection

NetAnalytics deploys anti-virus software on all employee laptops and desktops and manages the software centrally to make sure all signatures are up to date. NetAnalytics also performs daily vulnerability scanning and patching from a centralized management platform within our IT organization. With centralized reporting, we can make sure security incidents are properly quarantined and escalated for further action where needed.

Incident management

NetAnalytics has a defined process for managing security and privacy incidents. The process can be initiated by a NetAnalytics customer, internal employee, or the public. If a security incident is identified, we follow this high-level process:

• The security or privacy incident is identified and communicated to the Security Incident Response Team (SIRT).

• We assess the incident to determine its severity, priority, scope, and impact.

• We make recommendations for containing, eradicating, or recovering from the incident, then execute on the recommendations.

• Where applicable, we scan the environment(s) to make sure we’ve completely mitigated the incident.

• We communicate with internal resource teams, stakeholders, and NetAnalytics customers based on the findings of triage and analysis.

• We gather feedback and look at lessons learned to evolve our incident response process and procedures. Where applicable, we identify and log the incident’s root cause.

Vendors and subcontractors

NetAnalytics reviews all relevant vendors and subcontractors to make sure they also provide an appropriate level of security.

Security awareness

NetAnalytics has a security awareness program to ensure all employees understand the importance of security and how it intertwines with their workday.

New employees are required to take security training, and throughout the year we perform audits to make sure training is completed. We also have regular refresher training for all staff once per quarter to ensure security is top of mind for everyone at NetAnalytics.

NetAnalytics uses several intelligence sources to keep up to speed on the latest security threats. This information is shared regularly with staff to make sure everyone is aware of threats and knows what to do if they encounter them.