Security Best Practices

With the ever-increasing frequency of cyber-attacks it is important to follow guidelines and best practices as an initial step to ward off potential threats. This page is intended to provide you with the necessary guidelines to help us meet our shared goals to enhance security and prevent possible intrusions.

1. Enable HTTPS

It is recommended to enable HTTPS in OpManager to secure your login. All communication between the product server and the agents will take place using the HTTPS protocol if this option is enabled. To do this, go to Settings -> Security Settings, enable "Secure Mode" in the SSL configuration tab and follow the steps given here.

2. Enable Two Factor Authentication

Two Factor Authentication (TFA) adds a second authentication step, which improves security and helps prevent unauthorized access. During login, TFA requires the user to provide either a unique time-based one-time password (TOTP) generated by an authenticator app, or a one-time password (OTP) sent to the user's configured email address. Learn more.

3. Set a complex password

OpManager's password policy encourages users to employ strong passwords in order to enhance security and prevent unauthorized logins due to password-guessing.

Another possible defense against password-guessing attacks is enabling account lockout, which locks the account after a specified number of invalid or failed login attempts. Learn in depth about OpManager's password and lockout policies here.

4. Implement role-based access control (RBAC)

Ensure that you maintain controlled access to the product by providing only the required level of access to individual users using User Roles. OpManager provides a wide range of options to customize the appropriate access levels for every individual user in the organization, ensuring fine-grained authorization.

In OpManager, multiple users can be created and their level of access across different modules of the network can be customized. This prevents unwanted changes to the network and helps in managing the network by letting the administrator determine which parts of the network the individual user is privy to. Learn more.

5. Enable LDAPS when configuring domain details

Configuring domain details for AD authentication with LDAPS allows secure communication with domain controllers. Click here to learn more about AD authentication in OpManager and how to enable LDAPS.

6. Enable Data Protection

Enable Data Protection in security settings to access scheduled reports securely. To enable Data Protection, go to Settings -> Security Settings -> Data Protection.

7. Ensure security of shared folders

If 'Network Shared Folders' are configured in the product, then ensure the folders are secure.

8. Upgrade to the latest version of OpManager

Ensure that you frequently check for upgrades to the latest version of OpManager to get the latest features and to guard against possible vulnerabilities. Also, periodically back up the application data and the database. To learn more about how to upgrade to different versions of OpManager, refer to the Service Packs page here.

Customer security is our number one priority. Stringent security policies go into the development of ManageEngine ITOM products. Learn more about our security policies here.
