nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Community
- Command Central
- MVP Program
- Monthly Mission
- Blogs
- Groups
- Events
- Media Vault
Products
- Observability
- Network Management
- Application Management
- IT Security
- IT Service Management
- System Management
- Database Management
Content Exchange
- SolarWinds Platform
- Server & Application Monitor
- Database Performance Analyzer
- Server Configuration Monitor
- Network Performance Monitor
- Network Configuration Manager
- SQL Sentry
- Web Help Desk
Free Tools & Trials
Store

NCM Terminal access

Ovad

Access nodes CLI directly via NCM using buit-in shell (terminal access ssh, telnet) and record the session in NCM DB.
Restrict specific commands from being used based on policy through active terminal access session.
If policy violation occurs run approval flow.

There are some security tools that do the same it would be great having this part of NCM (restorepoint/universal console, EMC NCM- Voyance, IBM Netcool)

Thank you,

Ovad

Find more posts tagged with

Status: None

Comments

fruit

Yes, it's a great feature. Mainly, people should see CLI before they apply a command. "Execute script" in NCM - also great, but built-in CLI also must have.

francky3084

I agree ! I came from a HP IMC environnement and this feature miss me a lot ... It's really usefull in many cases as for example when you occurs connectivity issues outside the supervision server.

djschaap

Cisco ACS & TACACS+ provide command-level authorization with the ability to log every command - that would cover (2) and most of (1). Granted, that is applicable only to Cisco environments; this idea would be vendor-neutral but would not protect direct telnet/SSH/console access (that would need to be secured via other means).

(3) could be very difficult to implement, as the specific non-authorized command being sent through the NCM approval system may be dependent on some approved & already-executed commands entered during the interactive session. When the approval & execution happen hours/days later, likely in another session/context, the command may be useless or even harmful.

It would be very convenient to have a small in-browser (JavaScript?) telnet/SSH client with the ability to automatically log in (authenticate) on each node page.