Put Your Mind at Ease
AppNeta uses the latest industry-standard methods of security. We make sure that data transfer and data storage are completely secure. Our products take security into account from start to finish.
Rely on Strong Data Retention and Roll-ups
These built-in capabilities add to the security of the AppNeta platform:
- Monitoring Points that have been in a Connection Lost state for 365 days and do not have an active license are removed.
- Delivery data from continuous monitoring, diagnostics, voice and video tests are kept for 365 days.
- Path route history is retained for 90 days.
- Experience milestone details are kept for 45 days. Older tests will contain transaction performance and details only.
- Usage data is kept for 90 days with no limit on data size.
- Usage packet captures are kept for 365 days (subject to size limits).
Depend on Secure Storage
AppNeta Performance Manager is hosted on AWS. We use industry-accepted best practices to secure this installation, including Amazon security groups, firewalled ports, SSH-key based machine logins and key rotation. Data access is restricted solely to AppNeta employees, all of whom are under strict confidentiality agreements. Only key engineers may access production data, and then only as a last resort for debugging data-related issues. In addition, support engineers may access your web console to provide guidance as a result of specific incidents or requests.
Send Data Securely
AppNeta uses standard encryption practices to make sure that the information in your packet captures is securely transmitted and stored.
Captures are uploaded to the capture server via SSL, where they remain in encrypted form (AES-256). The symmetric key used for encryption is based on a per-appliance, user-defined passphrase, which you set in the web admin. The passphrase is stored on the appliance in a hashed form (SHA-1).
Captures must be decrypted using the symmetric key created from the passphrase. You are prompted for a passphrase once per appliance per login session; the passphrase is cached only for the duration of the login session. The actual download is via SSL.
As part of appliance decommissioning, the web admin clears the passphrase and packet captures that have not yet been uploaded. If the appliance is no longer being used for packet captures, but you aren't decommissioning it, a separate “clear passphrase” function is available.
The sequencer is the process that continuously monitors network performance. It does this by periodically sending out bursts of ICMP packets with a precise inter-packet gap, and then timing the response to each of those packets. Several measurements are taken directly, like latency and jitter, while other measurements are inferred, like total capacity. Timing data is is sent back to AppNeta via HTTPS; software packages are downloaded from the upgrade repository via SSL.