I see a lot of features on Lingard but i miss some security design features which nowadays should be the priority:
Log of every movement inside the app. Specially from liongard staff while giving support like ITGlue
Ability to disable access from liongard staff like in Auvik
Every new inspector should be designed with least privileged permissions and a guide how to do it. (Like the azure Inspector which is perfect)
Azure: read only guide, very well done.
Sophos XG: API access IP limited and read only (Great!)
VMware is great but i have to use a root password! SSH is supposed to be disabled always. Other solutions like auvik uses PowerCLI scripts to get the info.
Shouldn´t have to be Doman Admin for installing the service... Should never install anything on a DC. I understand Liognard starff went around all this before, but other solutions are trying to avoid using doman admins.
Synology: Again the same... using an Admin account. What about SNMPv3?
Veeam Availability Console: Using admin password again. A guide for the least priviledge would be appreciated. Usually the user is also admin of the computer.
Cisco: Again, no guide for doing a non root user. Perhaps its not possible to do, but i think this could be enforced.
I know it would overcomplicate the solution but a "enforced security deployment" would be great. Even with less capabilities, but i cant use the solution "as is" for some customers that are super concerned about security.
Hope this helps
|Last Reviewed Date||2022-01-07|