Skip to main content

Security considerations

This page describes the security best practices for Snow Extenders and their connection and data transfer between the different Snow products installed in your environment.

Custom encryption keys

The security considerations described below support a smooth migration of snowpacks and inventory files from the Snow Inventory Agents to Snow Atlas via the Snow Extenders.

The Snow Inventory Agent encrypts the inventory result, called snowpack files, using either a default encryption key or custom keys. For increased security, and for a safe migration to Snow Atlas without reverting to the default keys provided, the Snow Extender also provides an option to use your own keys for encryption and decryption of the snowpack/inventory files. For step-by-step instructions on how to configure custom encryption keys in Snow Extender, see Configure custom encryption keys.

Data encryption

The encryption/decryption files created and the data at rest stored by the Snow Extenders are compressed and then secured with AES 128 CBC.

Identified issues

  • Possible memory issues can occur when larger snowpack files are used.

  • A performance delay can be expected due to the added encryption and decryption steps in the configuration.