At the moment we have NPM, NTA, etc on a server that our customers can only get to if they are on their corporate network. We are thinking of making this more available to end users by publishing on internet.
It is usually our preference to add additional layers of authentication and security, I just cant figure out if we are being a bit paranoid?
My question is: Do you put Solarwinds directly on internet (behind firewall) or do you use some sort of additional authentication, proxy, appliance, etc?
Also, can anybody point me at a guide for securing/publishing Solarwinds on WWW?
There are plenty of users who place Orion Additional Web Servers directly on the Internet. I would however at minimum recommend requiring HTTPS/SSL to ensure any sensitive information is properly encrypted. I've also successfully used CheckPoint's Connectra as a clientless VPN that essentially acts as reverse proxy, SSL offload, and IDS/IPS device to add an additional layers of security. I've done the same using Microsoft''s Forefront Threat Management Gateway, though it appears Microsoft is in the process of discontinuing this product.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.