The increase in remote workers due to the Coronavirus is creating some additional challenges for IT, especially in security. I wanted to make sure you were aware of some SolarWinds® Security Event Manager (SEM) features that might help.
Are there other ways you’ve been using SolarWinds SEM to track your infrastructure security as more of your workforce is remote? Post them below.
I would also like to mention that waiting for the person to connect to VPN for an agent to upload logs might not be as useful. I recommend use reverse proxy and forward a public port into sem to access logs from a computer not connected to the VPN. This will have more semi-real time approach to tracking issues. If the computer has an internet connection you will have insight into there safety of the computer. Also, great troubleshooting tool if a person is unable to connect to VPN.
Both excellent recommendations. If you can safely place your SEM (or a collector) in a DMZ or utilize a reverse proxy (as you indicated) this is a way to get better details on remote workers.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process.