DCE Backup Contents

DCIM_Support · ‎2020-07-04

This question was originally posted on DCIM Support by Lai Yuan Jiun on 2018-05-02

Can you advise what is stored inside the DCE Backup files, does it include sensitive information such as all the usernames and passwords of the DCE users and discovered devices?

If yes, is it encrypted?

If it is not encrypted, how do we secure this backup?

DCIM_Support · ‎2020-07-04

This answer was originally posted on DCIM Support by spezialist on 2018-05-02

Dear Lai Yuan Jiun,

The DCE software backups stores all accounts usernames (i.e. for authorization in DCE software) in an unencrypted form. And DCE software accounts passwords are stored in a hashing and salting form (i.e. encrypted form). That is, DCE software accounts are fully protected.
Unfortunately, the accounts (logins and passwords for web and console login, but not SNMP community strings) for SNMP Devices File Transfer in the DCE software backups are stored in an unencrypted form. Therefore, the SNMP Devices account is not protected in any way. Please note, that this statement does not apply to the NetBotz Appliances File Transfer.

Hence the conclusion: any backups of the DCE software are best stored in storage with limited access, which is reliably protected in various ways.

With respect.

DCIM_Support · ‎2020-07-04

This comment was originally posted on DCIM Support by Francis Thong on 2018-05-08

Anything related to security should be taken seriously by Schneider.
Instead of relying on limiting the access to the files, isn't it better to have Schneider implement it as a feature inside DCE data export.

DCIM_Support · ‎2020-07-04

This comment was originally posted on DCIM Support by John Benedict Tayao on 2018-05-16

Hi Francis,

DCE backup encryption has been raised and logged as a feature enchancement. I dont have have any updates yet but I'll keep an eye on this and let you know of any update on this feature enhancement.

regards,

John

DCIM_Support · ‎2020-07-04

This comment was originally posted on DCIM Support by Francis Thong on 2018-05-22

Hi John,

Before the feature enhancement can be completed,

Can I know which are the directory and files that contains sensitive information that needs to be encrypted ?

Currently I trying to use GPG or GPG-ZIP to encrypt the entire directory but the full backup is too large.

So thinking of encrypting only the necessary files only.

Regards,

Francis

DCIM_Support · ‎2020-07-04

This comment was originally posted on DCIM Support by spezialist on 2018-05-22

Dear Francis Thong,

From your comment:

Can I know which are the directory and files that contains sensitive information that needs to be encrypted ?

Regardless of the type of backup, it is necessary to encrypt only one file - nbcServer.tar. This file contains unencrypted sensitive information, which I wrote about in response to this post.

With respect.

DCIM_Support · ‎2020-07-04

This comment was originally posted on DCIM Support by Francis Thong on 2018-05-22

Thanks for the update.

DCIM_Support · ‎2020-07-04

This question is closed for comments. You're welcome to start a new topic if you have further comments on this issue.

Invite a Co-worker

Invitation Sent