I proposed to my security manager to give Client Systems Technicians access to SolarWinds in order to see a filtered view of log messages (Port security violations) of the switch clusters they have customers hanging off of. They do not have the required security clearance/certifications to view the confidential information that is held within SolarWinds. I tested it out and noticed that if you manually type in a view into the address bar you can get to any view you want to. Granted, it would be a limited view to the switch clusters in their respective areas, but I certainly don't want them to see the full syslog and search for commands typed into my switches. They don't need to know about my 802.1p/QoS I'm placing on their customer's ports ... They already complain about YouTube and Imgur not loading fast enough. I don't want them to know why.
Is there a way to lock down accounts to specific, non-modifiable views? Maybe have it throw up an error message when they try to navigate away from that page? I'm just a network tech and don't know servers, websites and such...
SolarWinds uses cookies on its websites to make your online experience easier and better. By using our website, you consent to our use of cookies. For more information on cookies, see our cookie policy.