Privacy

Overview

You can make custom configuration changes to the Netify agent that will anonymize data before it is passed on to any plugin. All changes can be made from the command line by opening the Netify configuration file in an editor of your choice.

If you are using Netify Informatics or sending data to any 3rd party service, it is advised to set up the privacy filter settings before enabling data sinks.

Configuration Settings

All privacy settings are configured in Netify's main configuration file, /etc/netifyd.conf.

In /etc/netifyd.conf, if one does not already exist, create a new section for privacy settings as follows:

[privacy_filter]

Masking WAN IP Addresses

To prevent your WAN IP address(es) from being stored in any dataset, set the private_external_addresses attribute to true.

Enabling this directive will obfuscate all WAN addresses using 127.255.0.n / fe:80::ffff:7fff::n, where n will be substituted with an internal capture source ID, starting at 1.

[privacy_filter]
private_external_addresses = true

Obfuscate LAN IP

If you would like to obfuscate one or more LAN IP addresses, add each IP address using the host[n] attribute:

[privacy_filter]
host[0] = 192.168.1.1
host[1] = 192.168.1.2
...
host[n] = 192.168.1.n

Setting this directive will result in any lower IP address matches being converted to 127.255.0.253 / fe:80::ffff:7fff::fd, and 127.255.0.254 / fe:80::ffff:7fff::fd for upper IP address matches.

If you would like to obfuscate an IP, but maintain individuality, use two or more Pattern Matching directives instead (see below).

Obfuscate MAC Address

Similar to the host example above, if you would like to obfuscate one or more MAC addresses, use the mac attribute:

[privacy_filter]
mac[0] = a3:c7:43:00:00:00
mac[1] = a3:c7:43:00:00:01
...
mac[n] = a3:c7:43:00:00:nn

Any matching MAC address will be converted to 00:52:14:00:00:00 if it is found in the lower MAC field or 00:52:ff:00:00:00 if it occurs in the other MAC field.

If you would like to obfuscate a MAC, but maintain individuality, use two or more Pattern Matching directives instead (see below).

Pattern Match/Replace

Netify's Pattern Match and Replace engine is a powerful regular expression engine that applies bulk regex search/replace statements as a post-processing step, before metadata becomes available to any plugin.

Search strings are case-insensitive. It is recommended you try to keep the format of the data intact. As an example, an IPv4 address of 192.168.1.1 should be replaced with 0.0.0.0, rather than Johnson's Desktop.

[privacy_filter]
regex_search[0] = Acme
regex_replace[0] = A___

While the regex engine is much more powerful, it does require more processing power than the other options. Also, it may not be available on all platforms (some embedded devices). Feel free to contact us if you would like more information.

The preceding configuration replaces every occurrence of Acme found in the extracted metadata with A___, protecting the identity of the "Acme" organization/brand. Examples of matching strings include:

  • acme.com
  • Acme.local
  • ACME.DELL.WORKGROUP.LAN
  • acme.sharepoint.microsoft.com
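
One way to preview what search/replace pairs like the one above would do to sample metadata before enabling a data sink. This is an added example, not Netify code: load_rules, preview and the sample values are hypothetical, and Python's re module stands in for Netify's regex engine, whose syntax may differ.

```python
import ipaddress
import re

# Constructed sample of a netifyd.conf fragment. The escaped-dot pattern uses
# Python regex syntax, which is an assumption about Netify's own engine.
SAMPLE_CONF = r"""
[privacy_filter]
regex_search[0] = Acme
regex_replace[0] = A___
regex_search[1] = 192\.168\.1\.1
regex_replace[1] = Johnson's Desktop
"""

RULE_LINE = re.compile(r"^regex_(search|replace)\[(\d+)\]\s*=\s*(.*)$")

def load_rules(conf_text):
    """Return [(search, replace), ...] from [privacy_filter], ordered by index."""
    found, section = {}, None
    for line in (raw.strip() for raw in conf_text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1]
            continue
        m = RULE_LINE.match(line)
        if m and section == "privacy_filter":
            found.setdefault(int(m.group(2)), {})[m.group(1)] = m.group(3)
    # Keep only indexes that have both halves of the pair.
    return [(r["search"], r["replace"]) for _, r in sorted(found.items())
            if "search" in r and "replace" in r]

def is_ip(text):
    try:
        ipaddress.ip_address(text)
        return True
    except ValueError:
        return False

def preview(rules, value):
    """Apply each rule case-insensitively; flag an IP that stops being an IP."""
    out = value
    for search, replace in rules:
        # A function replacement inserts the text literally (no backreferences).
        out = re.sub(search, lambda _m, r=replace: r, out, flags=re.IGNORECASE)
    return out, ("format changed" if is_ip(value) and not is_ip(out) else "")

if __name__ == "__main__":
    rules = load_rules(SAMPLE_CONF)
    for value in ("acme.com", "Acme.local", "ACME.DELL.WORKGROUP.LAN",
                  "acme.sharepoint.microsoft.com", "192.168.1.1"):
        print(value, "->", preview(rules, value))
```

The second sample rule deliberately uses the replacement the text advises against, so the preview reports "format changed" for 192.168.1.1.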
