This discussion has been locked. The information referenced herein may be inaccurate due to age, software updates, or external references.
You can no longer post new replies to this discussion. If you have a similar question you can start a new discussion in this forum.

Kiwi application security - help!!!

FormerMember
FormerMember

|Hi all

i have just been told by my security team that i need to stop using kiwi, as we have no way to know what person did what change on a device.  i.e. 2 people log into the kiwi server at the same time, and do something naughty in a config...  there is no way to know which person made the change

is there a way to make people authenticate before being let into kiwi application?

cheers

dan

  • Hi dan,

    Kiwi CatTools was not designed to be used as a mutli-user application.  By having multiple users logged in to CatTools at the same time may cause issues and as such is not recommended.

    Being a single user system, there is therefore no user authentication functionality to get into the application.  Access to the UI however can be restricted by setting an access password: Change encryption password

    The only way I can think of to facilitate your requirement using the current release of CatTools would be to do it at a device level (i.e. set-up individual credentials on the device for each of your users, to track the changes at a device level). However you'd then need to have multiple installations of CatTools (on different servers) and add your devices to CatTools specifying these individual credentials.

    Alternatively, you may want to consider SolarWinds Network Configuration Manager (NCM) which may suit your requirements: Network Configuration Manager | NCM | SolarWinds

    You may also want to post to the CatTools Ideas & Feature Request area too to see what sort of following adding user authentication to the product generates:  http://thwack.solarwinds.com/community/tools_tht/kiwi-family/kiwi-family-feature-requests

    Regards,

    Steve