Updates on the security and privacy of your AutoSupport telemetry data

NetApp continually enhances the most secure storage on the planet. Recently we’ve been working on how we handle NetApp^® AutoSupport^® telemetry data. This is the data that you send to NetApp so that we can automate case creation, with 98% of all issues detected or predicted by Active IQ^® before you’re aware of the issue. Sending AutoSupport telemetry data on a regular schedule cuts the number of severity 1 support cases by half. The telemetry data also allows NetApp to solve support cases twice as fast, on average.

We’ve always worked hard to secure any data sent to us. Here are some of the things that NetApp does to keep your data secure and private.

For a long time, NetApp has:

• Never sold or shared telemetry data (outside of your partner).
• Provided the ability to send telemetry data via an encrypted transport.
• Separated out personally identifiable information (PII) and company identifiable information (CII).
• Stored all PII, CII, and secure customer data in separate encrypted databases with strong role-based and logged access control.

Recently NetApp has made the following significant enhancements to the way that we secure telemetry data.

Removal of contact information (PII) as of ONTAP 9.16.1

In NetApp ONTAP^® 9.16.1, the optional contact information and location information of the system has been removed. This was always an optional field, but NetApp removed the option of specifying it. Instead, customers need to make sure that their contact and location information are both set when the system is registered for support. A nontechnical support case can also be opened to change contact information.

AutoSupport telemetry data can no longer be sent over HTTP 

NetApp has long defaulted the communication method for AutoSupport telemetry data to HTTPS, which uses TLS version 1.2 or later (ONTAP 9.11.1 and later use TLS 1.3.). However, the transmission of AutoSupport over HTTP was still allowed. Recently, NetApp has stopped accepting HTTP and will soon remove the option from all storage operating systems.

ONTAP now supports SMTP with TLS

NetApp has long defaulted the communication method for AutoSupport telemetry data to HTTPS, which uses TLS version 1.2 or later. However, transmission over SMTP was still allowed. Some customers need to transmit AutoSupport telemetry data via SMTP in air-gapped environments. ONTAP 9.15.1 and later have been enhanced to use TLS to transmit SMTP to the mail server.

Encryption at rest for all data

The AutoSupport telemetry data that contains PII, CII, and secure customer data has long been encrypted at rest. Now, all telemetry data is encrypted at rest. NetApp uses its own encryption technologies for data storage, technologies used by our thousands of customers to secure their data.

This was an overview of the information. For more detailed and technical information, read the technical report on the security and privacy of NetApp telemetry data (TR-4688). It was most recently updated with this information in February 2025 as of the publishing of this article. For more information on how to enable AutoSupport see this Knowledge Base (KB) article.