Secure configuration for Kiwi CatTools NG
This topic applies to KCT NG 2026.2 and later. If you are on KCT 3.12.7 or earlier, see legacy topic.
This document describes best practices for securing Kiwi CatTools NG.
Best practices
Create an encryption password
Enable a database encryption password when KCT NG is run to limit unauthorized access. Once the password is enabled, the system will prompt you to enter your password every time you open KCT NG. See Change encryption password for details.
Review your file transfer protocol
SolarWinds does not recommend usage of Trivial File Transfer Protocol (TFTP) in KCT NG due to potential security vulnerabilities. If TFTP must be used, it is highly recommended to take precautions and limit its exposure to your local network. See TFTP server security options for details.
Manage sensitive data in exported devices files
Delete or securely store the data contained in the device list .txt file after exporting devices to a tab delimited file. Data contained in the exported devices .txt file may contain information that is subject to security vulnerabilities.