ipMonitor :: Strengthening Security with the Credentials Manager

Welcome: Guest | Sign-In

Download Center | Release History

SolarWinds Home | Contact Us

Search for: in

NOTE: This site is no longer maintained. Upgrade to ipMonitor v9 here.

Portal Home

Downloads & Resources

Knowledge Center

>	Administrator's Guide

>	Tutorials

Tips

FAQs

>	SOAP Documentation

SNMP Center

>	OID Tree

>	MIBs, By Name

>	MIBs, By Category

NOTE: This site is no longer maintained. Upgrade to ipMonitor v9 here.

Knowledge Center > Tips

Strengthening Security with the Credentials Manager

The Credentials Manager is part of the overall ipMonitor security strategy. It's used with individual Monitors, Alerts and features that require access to Windows® file system objects or Services. The Credentials Manager allows Monitors and Alerts to run under a designated network NT account permitting the software to use elevated privileges only when required.

Credentials are the property of an Administrator on the system. As such, only Administrator accounts may add, delete or edit a Credential.

If Users are to employ Credentials, the Credential itself must explicitly allow for use by others, or the Administrator must apply the desired Credential.
If access to the Credential is granted, it can also be revoked by specifying that the Credential May only be authorized for use by the owner from the Usage Restrictions section.

In the event of multiple Administrator accounts, all Administrators have access to view the Credentials; however, a Credential can only be edited by the Administrator who created it. If a different Administrator needs to edit a Credential, the Credential has to be overridden. The Administrator must take ownership of that Credential, therefore resetting it, then must re-enter the Credential data.

Warning! If the Administrator grants use of a Credential that allows for transmitting the password in clear text, a User can easily obtain the full account and password information by retrieving the packet captures and log files ipMonitor has transmitted from a restricted file.

Additional Information

If you use the Credentials Manager without installing a SSL Certificate, the Credentials Manager will not transmit sensitive data unless you're accessing ipMonitor from the local machine.

To protect the integrity of Credential data, ipMonitor uses RSA 512/1024-bit key encryption technology to store all sensitive NT account information and Credential configuration parameters.

Note: We recommend you always use Credentials with any Monitor that requires access to Windows® file system objects or Services.

For information on other features and concepts related to those discussed in this article, refer to the following ipMonitor resources:

What Security Features does ipMonitor Offer?

Centralized Accounts and Passwords: The Credential Manager

Using the Credentials Wizard to Create Credentials

Using the Credentials Wizard to Apply Credentials

< Back

Last Updated: April 19, 2006 | What did you think of this topic?

Privacy Statement | Terms of Use | EULA | Contact | Site Map

Prices displayed do not reflect international pricing unless otherwise stated. Please see our international price list for current pricing specific to your location. All prices are subject to change without notice.

© 2003-2008 SolarWinds.net, Inc. All Rights Reserved. SolarWinds®, the SolarWinds logo, ipMonitor®, LANsurveyor®, and Orion® are among the trademarks or registered trademarks of the company in the United States and/or other countries. All other trademarks are property of their respective owners.