Liongard Ideas Portal

Submit and upvote ideas to make Liongard better. You get 20 votes so vote wisely. 🙂


The Product Team is constantly reading your ideas and while we can’t promise that all ideas will become a reality, we value your feedback and promise to always have our Partners in mind when building and improving Liongard.

Check out our FAQs to learn more.

See what we've shipped by clicking here!

Security First on all Inspectors

Dear all,

I see a lot of features on Lingard but i miss some security design features which nowadays should be the priority:

In general:

  • Log of every movement inside the app. Specially from liongard staff while giving support like ITGlue

  • Ability to disable access from liongard staff like in Auvik

  • Every new inspector should be designed with least privileged permissions and a guide how to do it. (Like the azure Inspector which is perfect)

Well done:

  • Azure: read only guide, very well done.

  • Sophos XG: API access IP limited and read only (Great!)

More specific:

  • VMware is great but i have to use a root password! SSH is supposed to be disabled always. Other solutions like auvik uses PowerCLI scripts to get the info.

  • Shouldn´t have to be Doman Admin for installing the service... Should never install anything on a DC. I understand Liognard starff went around all this before, but other solutions are trying to avoid using doman admins.

  • Synology: Again the same... using an Admin account. What about SNMPv3?

  • Veeam Availability Console: Using admin password again. A guide for the least priviledge would be appreciated. Usually the user is also admin of the computer.

  • Cisco: Again, no guide for doing a non root user. Perhaps its not possible to do, but i think this could be enforced.

I know it would overcomplicate the solution but a "enforced security deployment" would be great. Even with less capabilities, but i cant use the solution "as is" for some customers that are super concerned about security.

Hope this helps

Thanks!

  • Luis Morcillo
  • Dec 31 2020
  • Future Consideration
Last Reviewed Date 2022-01-07
  • Attach files
  • Guest commented
    25 Jan 02:32pm

    THIS. It's a big thing for us that LG is a reporting-only environment that has no capacity to change the environments.


    For most of these inspectors it's easier to create an admin but there should be lesser permissions that would allow login and listing of stuff - VMWare, Sonicwall, etc.


    Until these are addressed I'm linking from Auvik to grab these devices.