NetBackup IT Analytics Security and Encryption Reference

Encryption: NetBackup IT Analytics uses a FIPS 140-2 cryptographic library for at-rest encryption and in-flight encryption. However, full support for FIPS 140-2 is not enabled.

Communication and data transfer: NetBackup IT Analytics complies with both IPv4 and IPv6 for transferring data securely over the public and private networks. SSL/TLS protocols are followed for communication between networked systems. TLS 1.2 and TLS 1.3 are supported.

Network security: NetBackup IT Analytics adheres to Public key infrastructure (PKI) and 2-factor authentication for network security. Network can be configured to require Single Sign-on (SSO) in such a way that the PKI or 2-Factor Authentication of the SSO is inherited by NetBackup IT Analytics.

On Linux, NetBackup IT Analytics is supported on RHEL which is configured to be STIG compliant. Apache, Oracle, and Tomcat subsystems of the product are STIG compliant. Application security and development requirements are met for all category-1 items as well as some category-2 and -3 items.

Security Technical Implementation Guide (STIG): NetBackup IT Analytics is supported on STIG-compliant RHEL. Moreover, the Apache, Oracle, and Tomcat subsystems are STIG compliant. The application security and development requirements adhere to CAT 1 STIG compliance level.

NetBackup IT Analytics data security at rest: NetBackup IT Analytics users who want to ensure their NetBackup IT Analytics data stored in Oracle Database is encrypted at rest must use the Oracle feature Transparent Data Encryption (TDE). TDE is part of the Oracle Advanced Security. It is available as an additional licensed option for the Oracle Database Enterprise Edition.