In this section, we highlight several security aspects of
the Opsview Monitor system.
Opsview Monitor's web authentication uses an authentication ticket (TKT) with a shared secret and
must be set to a unique value for your system.
Your Opsview Monitor server should be placed in a secure location.
If your server is accessible through a public network, we recommend using a
firewall to restrict access to various ports; see Section 3.1.5. Ports
With Opsview Monitor agents, we provide monitoring capabilities
for the host. Agents can be contacted by the master or slave system (or
clients) using an anonymous cipher to encrypt communication. Opsview Monitor agents
only permit strong ciphers, such as ADH-128 and ADH-256 to be accepted; however
there is no authentication.
For additional security, we recommend a firewall to be set up
between the master and slave servers, so that only the permitted Opsview Monitor system
can communicate with the Host. Alternatively, you can set the ‘allowed host’
variable to define a specific IP address for the Opsview Monitor system.
Opsview agents also support Secure Socket Layer (SSL) certificates.