LDAP credentials
LDAP server passwords are encrypted with AES 256-bit. A default 256-bit AES encryption key is used in all cases of installations of Foglight®. This encryption key is stored in a Java keystore protected by a Foglight master password. Customers have the ability to change the encryption key after installation by using Foglight to generate a new key. Quest recommends customers change the default Java keystore password upon the installation of the Management Server.
Management Server repository database credentials
The login credentials for the database administrator account on the Foglight® repository are encrypted in identical fashion as the LDAP credentials, using the same encryption key.
Foglight agent credentials
Foglight® cartridges include agents that require access to service account login credentials on the systems or applications that they monitor. Foglight stores these credentials in the repository database which is protected by access control. Any agent property that is marked as sensitive is masked during display in user interface consoles.
All agent properties are stored encrypted in an XML configuration file on the monitored host.
Database repository
Collected data from Foglight® agents is stored in the repository database, which is protected through user access control. This data contains collected metrics and statistics about the systems on the monitored hosts, as well as agent configuration parameters.