If a user clicks on a node or other network resource for further analysis, SolarWinds EOC displays the appropriate page by connecting to the SolarWinds Web Console hosting the data. Users must log in to the SolarWinds Web Console with valid credentials, but these credentials can be supplied by two ways:
To allow automatic SolarWinds Web Console logins for all users:
SolarWinds EOC does not encrypt the automatic login credentials appended to the URL. It is possible for an attacker to intercept your HTTP requests and obtain SolarWinds NPM credential information.
For this reason, we recommend you only allow automatic website logins if your SolarWinds Servers are hosted on secure HTTPS web sites. The HTTPS protocol encrypts the URL string, making it more difficult for an attacker to compromise your security.