Related
Recommended

What We're Working On for SAM (Updated: February 8, 2021)

solarwinds_worldwide_llc
over 1 year ago

Following the Sunburst security incident, SolarWinds remains committed to the safety and security of our products and technology. Throughout 2021, we will prioritize security enhancements ahead of feature development to maximize customer safety and ensure confidence in SolarWinds and our products.  

Items currently being considered include, but are not limited to:

  • Vulnerability fixes identified by third-party scanning tools or recent product penetration tests (pentesting)
  • Documentation of least privileges for Orion Platform operation and monitoring including Orion agents
  • Validation of CIS IIS and SQL Server best practices
  • Secure settings by default with user control
  • Removal of any code unsupported by Microsoft
Anonymous
Parents Comment Children
  • over 1 year ago in reply to nafeeskhan29

    Just curious, what is the use case for making such a sensitive system accessible publicly on the internet? If you do, a CAPTCHA won't do very much to protect you from malicious actors who want to break in. I would highly suggest using a web application firewall and a reverse proxy to protect access to Orion. In your reverse proxy, use one that allows you to inject a login page with ties to MFA (multi-factor authentication). This will offer far more protection than a CAPTCHA, and would also separate attackers from the actual IIS attack surface.

  • over 1 year ago in reply to sturdyerde

    Can you elaborate on this recommendation a bit more? I'm not terribly familiar with reverse proxies, but I know our infrastructure team is implementing MFA in front of things like our Office 365 and our VPN. I'd love to increase the security of our Orion instance to allow it to be internet facing.

  • over 1 year ago in reply to ahbrook

    A reverse proxy can sometimes include web application firewall functionality (such as Citrix Netscaler / ADC). They can also add MFA at the point of reverse proxy, which puts the security closer to the edge, and can potentially stop malicious traffic before it even gets to your Orion login page.

SolarWinds solutions are rooted in our deep connection to our user base in the THWACK© online community. More than 180,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.

SolarWinds Customer Success Center Certification SolarWinds Lab Link Accounts
About THWACK Blogs Federal & Government Edit Settings Free Tools & Trials
Legal Documents Terms of Use Privacy California Privacy Rights Security Information
©2021 SolarWinds Worldwide, LLC. All Rights Reserved.