|Applies To||RSA NetWitness NextGen|
RSA NetWitness Informer
RSA NetWitness Informer 184.108.40.206
RSA NetWitness Informer 220.127.116.11
RSA NetWitness Informer 18.104.22.168
|Issue||How to perform a secure data wipe on an RSA NetWitness Informer appliance.|
*** WARNING ***
Following method ensures secure deletion of majority of sensitive data on Informer appliance, however there might be some residual data (IIS logs, page files, temporary files, crashreports/memory dumps, etc) that can remain on the system. If you want to ensure that no residual data remain on the system you would have to use LiveCD to wipe entire HDD including Operating System, however this procedure needs to be consulted with support before wiping entire HDD.
You can use any utility that conforms to your prefered standard of secure data deletion. One of such utilities is Eraser utility (http://eraser.heidi.ie/) that offers good selections of secure methods for wiping the data.
1) Uninstall Informer.
2) Use Eraser utility to wipe the following directories (include all sub-directories included files):
3) Finally, use Eraser utility to wipe unused disk space on the C: or D: drives that contained the 3 directories in 2) above. This will wipe out all deleted data in any unused space on C: or D: drives, including all data deleted in 2) above.
Refer to the screenshots below on sanitizing standards offered by the eraser utility and brief explanation of some of them from the Appendix of the RSA NetWitness Administration documentation.
We can not guarantee that the eraser utility conforms to any of the listed standards since this is a public utility.
|Legacy Article ID||a58895|