Submit a ticketCall us

Have You Auto Renewed? If not, you're missing out.
The SolarWinds Renewal Program comes with a host of benefits including the most recent product updates, 24/7 technical support, virtual instructor-led training and more. Experience all of this with the convenience of Auto Renewal, and never worry about missing any of these great benefits. Learn More.

Home > Success Center > Log & Event Manager (LEM) > LEM Administrator's Guide > LEM security checklist: Ensure that only authorized users can access LEM

LEM security checklist: Ensure that only authorized users can access LEM

Updated: October 23, 2017

Complete the tasks on this checklist to help prevent unauthorized users from accessing LEM.

General security tasks

  1. Read the "Log & Event Manager Appliance Security and Data Protection" blog post on Thwack. 

Securing the LEM Manager and the LEM consoles

  1. Run the activate command from the CMC command line.

    Run this command to export the SSL certificate that ensures secure communications between the LEM desktop console and the LEM Manager.

    See Run the activate command to secure LEM and configure network settings for steps.

  2. Set the minimum password requirements for local LEM user accounts.

    See Set the global password policy for LEM users for steps.

  3. Restrict the filters that Monitor role users can access.

    See Specify the filters that users assigned the Monitor role can use in the LEM console for steps.

Securing the CMC command-line interface

  1. Change the default CMC password.

    See Change the LEM CMC password for steps.

  2. Restrict SSH access to the CMC command-line interface.

    (Optional) This procedure blacklists everyone from logging in to the CMC interface except those users who connect from an explicitly allowed IP address or host name.

    See Restrict SSH access to the LEM CMC interface for steps.

Securing the LEM reports application

  1. Secure the LEM reports application.

    See Restrict access to the LEM reports application for steps.

  2. Enable transport layer security (TLS) between the LEM reports application and the LEM database.

    (Optional) The Transport Layer Security (TLS) option introduces an extra level of security for data transfers between a LEM database and the Reports application.

    See Enable transport layer security (TLS) in the LEM reports application for steps.

Last modified

Tags

Classifications

Public