Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials
Store

Enhanced Security for SolarWinds Windows Agent by Using a Least Privileged Account

Summary: The current implementation of the SolarWinds Windows Agent runs under the Local System account, which has extensive privileges on the system. For improved security and adherence to the principle of least privilege, it is essential to have the option to configure the Windows Agent to run under a designated, least privileged account. This account should be customizable and have only the permissions necessary for the monitoring tasks.

Feature Request Details:

Overview: The SolarWinds Windows Agent currently operates using the Local System account, which has broad access rights that could pose a security risk. To enhance security, it is important to have the capability to run the agent under a separate, customizable account with restricted permissions.
Required Functionality:
- Customizable Account Setup: Provide an option in the SolarWinds configuration settings to specify a custom Windows account for running the agent.
- Least Privilege Account: The account should be designed to have only the minimum permissions necessary for the monitoring and management tasks. It should not have administrative rights or other unnecessary privileges.
- Documentation and Guidelines: Offer detailed documentation on how to set up and configure this account, including recommendations for the minimum permissions required and best practices for securing the account.
Security Benefits:
- Reduced Risk: By running the agent under a least privileged account, the potential damage from a security breach is minimized.
- Compliance: Helps meet security compliance requirements and best practices by adhering to the principle of least privilege.
- Enhanced Control: Provides better control over the security posture of the monitoring environment.
Additional Considerations:
- Ensure that the process for setting up and switching to a least privileged account is straightforward and well-documented to avoid implementation issues.
- Consider adding features that allow for periodic review and updating of permissions for the designated account.

Impact: This feature will significantly improve the security of SolarWinds installations by aligning with security best practices and compliance requirements. It will also provide administrators with more control over the permissions and security posture of their monitoring setup.

Find more posts tagged with

Status: None

Comments

mmcdowell

This just makes so much sense from a security perspective!! This is an easy upvote in my opinion!

obaid.rahman

or use the MST file and deploy agents on all servers. Doesnt require any account and you will still be able to monitor SAM devices.

NVSteven

This requires a 3rd party tool. SolarWinds should make it easier to deploy agents from the console.