Security:

Yes netdata listens on whatever interface has network connectivity, but it does not access anything outside your network to transmit data, and does not forward any ports to itself using UPNP or NAT-PNP. The only way this would be open to the world is if you set up a port forward. It is not "open to the world" if you install it on a public facing server unless you have no firewall set up on the machine. That would be your own problem, and not one for Netdata to solve.

"netdata keeps all the data on the server they are collected." from their Wiki since nobody here read it.

Centralization:

There are already a ton of products out there that harvest monitoring data from agents and put it in a database on a central server. If you like that model, then go use it. This is not that, and was never designed to be that. It uses cookies and other stuff in your browser to see what other Netdata servers you have accessed (with that browser). That data (stored in your own browser) is used by the netdata dashboard on any of the servers to build a jumplist so you can jump to those machines from within the WebUI. If you REALLY want a centralized place to dump data from all machines, you will have to use the features from this latest release to ship data to Grafana, or some other visualization stack. If you bothered to read the release you would know about the Backends they support:

"netdata supports data archiving to backend databases:

Graphite
OpenTSDB
Prometheus
and of course all the compatible ones (KairosDB, InfluxDB, Blueflood, etc)" - from the wiki

Again, this is all information that can be gathered by reading the release, and the front page of the Wiki. I have only used Netdata on one machine so I am no expert so don't ask me to explain things in more detail. Shit, this post was probably too long for you so I'll make a TL;DR for those who have the attention span of a doorknob.

TL;DR RTFM and stop crying.

or go here and start reading.
https://www.reddit.com/r/sysadmin/comments/5pvg5n/netdata_the_opensource_realtime_performance/

@scottalanmiller They have a management VLAN which customer service reps have access to.

If these users are installing the agent manually on thousands of machines, they are overworking themselves. Automation is the modern way of doing things.

I plan on monitoring routers with it. Routers that customer service reps will need to know the status of at the drop of a hat when dealing with customers relying on them for internet links.

I've been using it to monitor a new firewall distribution that we have been testing for a few months now. It's great for real-time data collection, seeing everything in one neat package.

If you want authentication, use a mainstream webserver instead of the built-in. It says so right there in the wiki.

You may not have a need for it in the small business world (MSP I assume) but to others with specialized projects or need realtime monitoring on a simple and easy-to-read dashboard, it's perfect.

@scottalanmiller So none of your clients have site-to-site VPNs? Not for printers? Not for legacy applications? What's terrible about opening the port for the webUI to local machines? I could see forwarding the port to the open world to be questionable for security since this is such a new product.

All of my machines have local firewalls built with FireHOL and ansible to distribute the config. I plan on using netdata on both my public facing servers (their own firewalls) and machines in a LAN.

Offtopic: your video insinuates Webroot has very low overhead, it does not with stock settings. I've got it installed on 80 windows servers and 1500 workstations. We are looking to move away from it simply because of all the issues it caused on terminal servers.

or go here and start reading.
https://www.reddit.com/r/sysadmin/comments/5pvg5n/netdata_the_opensource_realtime_performance/

Security:

Yes netdata listens on whatever interface has network connectivity, but it does not access anything outside your network to transmit data, and does not forward any ports to itself using UPNP or NAT-PNP. The only way this would be open to the world is if you set up a port forward. It is not "open to the world" if you install it on a public facing server unless you have no firewall set up on the machine. That would be your own problem, and not one for Netdata to solve.

"netdata keeps all the data on the server they are collected." from their Wiki since nobody here read it.

Centralization:

There are already a ton of products out there that harvest monitoring data from agents and put it in a database on a central server. If you like that model, then go use it. This is not that, and was never designed to be that. It uses cookies and other stuff in your browser to see what other Netdata servers you have accessed (with that browser). That data (stored in your own browser) is used by the netdata dashboard on any of the servers to build a jumplist so you can jump to those machines from within the WebUI. If you REALLY want a centralized place to dump data from all machines, you will have to use the features from this latest release to ship data to Grafana, or some other visualization stack. If you bothered to read the release you would know about the Backends they support:

"netdata supports data archiving to backend databases:

Graphite
OpenTSDB
Prometheus
and of course all the compatible ones (KairosDB, InfluxDB, Blueflood, etc)" - from the wiki

Again, this is all information that can be gathered by reading the release, and the front page of the Wiki. I have only used Netdata on one machine so I am no expert so don't ask me to explain things in more detail. Shit, this post was probably too long for you so I'll make a TL;DR for those who have the attention span of a doorknob.

TL;DR RTFM and stop crying.