Hoping somebody can shine some light on this.
There has been a recent push within the org to get NOC views up in the office, get certain people access to view NPM, etc. with an ultimate goal of people being able to access NPM - at least in a read-only mode - from any device without needing to necessarily jump box (biggest desire is to be able to access the Orion NPM page from within the company's network w/out jumping).
Orion sits in our PCI environment. By necessity, everything that we need to monitor sits within a PCI environment (retail org). Orion does not appear to have the capability to support 2-factor authentication. We got Orion set up w/ an SSL cert and can now access it from the corporate network so that the state of the infrastructure has higher visibility, but one of our security guys is taking great exception to this, claiming we've just punched a hole in his PCI fortress by not mandating 2 factor authentication - which it doesn't appear we can integrate w/ Orion.
So my question(s) is/are: Those of you with Orion and a need to see it from anywhere, how do you handle a situation like this where Orion needs to be monitoring the PCI environment? Is the method we've employed even an issue? If so, what are our solutions?