Customize the Hover-Over Popup tooltip

Is there any progress on this?  With the changes in the way it's presented in 12.3 it's gone from "wishlist" to absolutely critical.  It now displays the first five custom properties for any given node.  Luckily that's not anything confidential in our case but it easily could be.

Unfortunately, the Solarwinds method of adding new features that might expose sensitive data has always been, "Let everyone see everything and let the Orion administrator randomly find out that people now have access to something they really shouldn't". Is there a new feature that requires specific permissions to be set? SW just gives everyone all the permissions to utilize it, regardless of what it is. It's infuriating, especially when there is nothing in the release notes that details what new account permission settings have been added or changed.

Did you know that whatever sensitive data exists in your custom properties can be located anyone with access to Orion? All they need to do is use the new search function to find the element(s) it is attached to and depending on what you display in the element manager, they might be able to view that information. You cannot disable the search function. Your only recourse is to delete the directory where the search files are located, breaking it for everyone.

The popups have always been a particularly sore subject for me, since you cannot disable them at all. If you have customers that you don't want seeing information about your hardware, you cannot stop them from just hovering over the node in the interface details page. Just have someone with permissions to only view one specific interface use the search to locate a network, say, 192.168. Perhaps this is the network that contains your out-of-band equipment that no one outside your company should know about, or your core router subnet, and the results appear for them to just hover over and see potentially sensitive details about it in the popup. Security! We've decided to discontinue allowing customers access to our Orion instance because of this.

Don't get me wrong - these new features are f'ng awesome, but there isn't a lot of serious thought behind some of the decisions in implementing them and the implications of how it might affect security. I really wish I had more time as an MVP to help beta test so that these ideas could be suggested before the product goes GA.

Unfortunately, the Solarwinds method of adding new features that might expose sensitive data has always been, "Let everyone see everything and let the Orion administrator randomly find out that people now have access to something they really shouldn't". Is there a new feature that requires specific permissions to be set? SW just gives everyone all the permissions to utilize it, regardless of what it is. It's infuriating, especially when there is nothing in the release notes that details what new account permission settings have been added or changed.

Did you know that whatever sensitive data exists in your custom properties can be located anyone with access to Orion? All they need to do is use the new search function to find the element(s) it is attached to and depending on what you display in the element manager, they might be able to view that information. You cannot disable the search function. Your only recourse is to delete the directory where the search files are located, breaking it for everyone.

The popups have always been a particularly sore subject for me, since you cannot disable them at all. If you have customers that you don't want seeing information about your hardware, you cannot stop them from just hovering over the node in the interface details page. Just have someone with permissions to only view one specific interface use the search to locate a network, say, 192.168. Perhaps this is the network that contains your out-of-band equipment that no one outside your company should know about, or your core router subnet, and the results appear for them to just hover over and see potentially sensitive details about it in the popup. Security! We've decided to discontinue allowing customers access to our Orion instance because of this.

Don't get me wrong - these new features are f'ng awesome, but there isn't a lot of serious thought behind some of the decisions in implementing them and the implications of how it might affect security. I really wish I had more time as an MVP to help beta test so that these ideas could be suggested before the product goes GA.