Help
With the ever-increasing frequency of cyber-attacks, it is important to follow guidelines and best practices as an initial step to ward off potential threats. This page is intended to provide you with the necessary guidelines to help us meet our shared goals to enhance security and prevent possible intrusions.
It is recommended to enable HTTPS in Network Configuration Manager to secure your login. All communication between the product server and the agents will take place using the HTTPS protocol if this option is enabled. To do this, go to Settings -> General Settings -> Security Settings, enable "Secure Mode" in the SSL configuration tab and follow the steps given here.
Two Factor Authentication (TFA) provides an additional level of authentication and improves security and prevents unauthorized access. TFA requires the user to either provide a unique time-based one time password (TOTP) generated through Authenticator Apps, or a one time password (OTP) sent to the user's configured email address during login.
For more information on Two Factor Authentication, Learn more.
Network Configuration Manager's password policy encourages users to employ strong passwords in order to enhance security and prevent unauthorized logins due to password-guessing.
Another possible defense against password-guessing attacks is enabling an account-lockout, which means the account will be locked after a specified number of invalid or failed login attempts. Learn in depth about Network Configuration Manager's password and lockout policies here.
Ensure that you maintain controlled access to the product by providing only the required level of access to individual users using User Roles. Network Configuration Manager provides a wide range of options to customize the appropriate access levels for every individual user in the organization, ensuring fine-grained authorization.
In Network Configuration Manager, multiple users can be created, and their level of access across different modules of the network can be customized. This prevents unwanted changes to the network and helps in managing the network by letting the administrator determine which parts of the network the individual user is privy to. Learn more.
Configuring domain details for AD authentication with LDAPS allows secure communication with domain controllers. Click here to learn more about AD authentication in Network Configuration Manager and how to enable LDAPS.
If 'Network Shared Folders' are configured in the product, then ensure the folders are secure.
Ensure that you frequently check for an upgrade to the latest version of Network Configuration Manager to avail the latest features and to guard against possible vulnerabilities. Also, periodically back up application data and database. To learn more about how to upgrade to different versions of Network Configuration Manager, kindly refer to the Service Packs page here.
Customer security is our number one priority. Stringent security policies go into the development of ManageEngine ITOM products. Learn more about our security policies here.