Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2024! Seize endless possibilities! LEARN MORE
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Colin-Albert
MVP
MVP
‎2009-04-29 01:43 PM

QlikView Security

We are looking at hosting QV so it is directly accessible from the internet. We are currently viewing over the VPN but this is one too many steps for some of the sales force, and one more thing (well several actually) to go wrong.

We have done this in the past with other web apps but recently discovered that one of the apps had a secuiry flaw which meant that an unauthorised user could bypass the built-in security (did not use NTFS based permissions) and access the information it usually presented to authenticated users only. When contacting the supplier to query this, they stated that the 'Application' was not designed for direct internet use and should only be used across a VPN as it is not secure enough in this version and that a later release would be more secure.

With this in mind, I have been hesitent to open QV to the wider web. I have read through "CHAPTER 6 QLIKVIEW SERVER 8 SECURITY" and can't see any thing saying "Don't connect QV directly to the internent". I have also read through several discussions e.g. "QVA for IE through https tunnel is seen as nonsecure" and assume it's ok.

I think it's better to be safe than sorry, so I'm posing the question here…

Thanks.

531 Views
0 Likes
2 Replies
yblake
Partner - Creator II
Partner - Creator II
‎2009-04-29 02:05 PM

Different hints for you :

- You can push Application by mail using Publisher

- You can publish Ajax applications, and rely on IIS authentication like other webapps.

- If you have identified sales people, you may restrict QVServer port (default 4747) to some mac address by firewall settings

- You can work with the DMS service to identify users by different ways (changing password SecureId cards,...)

But the truth is that Internet is public, and all softwares may have "holes" (as you can see with browsers security patches). So showing data thru the net is always a risk, and i'm quite sure no editor will guaranty total safety...

In our country, the QlikTech license contract says that they guarentee that software is conform to the documentation and no other warranty, and you accept to use it "as it is".

If security is an important matter, I recommend you to ask for professional services at Qliktech to best implement your concerns.

214 Views
0 Likes
Not applicable
‎2009-04-29 10:05 PM

There are lots of Internet-attached installations of QlikView. How secure is it? Well, it's a proprietary product and I doubt there's any real data on when installations have been compromised.

214 Views
0 Likes