Question in regards to the latest version of NCM and the security of the configuration files. I know the configuration files are stored in the Database, does anyone know if it is possible to pull these files directly from the SQL DB, bypassing NCM security.
I just want to verify users that are locked out of the NCM App, won't be able to pull the information directly from the Database. Or if someone can take a backup of the Orion DB and essentially have all the device configurations contained within it.
if you have the Need to secure your NCM then do so.
A user with the rights to connect to the Orion DB can of course read the specific table (ConfigArchive). But this user has possible the access to the folder of the ConfigArchive, too.
So implement limitations.
First do anyone need a remote access to your Orion DB if not so then filter it. If you have a Microsoft machine (win 2012 R2) or something like that then take advantage of your firewall.
Also reduce the rights of access the configarchive folder for only a specific AD-Group.
If a NCM user is disabled he has no read-access anymore on your Oron DB.
For your backup Szenario please use an encryption such as bitlocker or other really fancy products.
So in my point of view you have to secure your machine and your applications on your NCM.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.