Ensure this rule is updated when the configuration of SolarWinds Platform changes, for example, when you add new servers. You can check these by querying the Orion Servers table in the SolarWinds Platform database. Port 5671 should only communicate to your other SolarWinds Servers (in case of High Availability, both Active and Standby Primary Polling Engine Servers). Here are a few details that would help you understand the. Configure the firewall for the main polling engine to limit and restrict all inbound and outbound access for port 5671. Security agencies in the US are in a panic because SolarWinds is a widely used and popular product.Apply proper segmentation controls on the network where you have deployed the SolarWinds Platform and SQL Server instances.For more details, see the SolarWinds Port Requirements guide and Best practices for configuring Windows Defender Firewall (© 2023 Microsoft, available at, obtained on January 10, 2023.) Disable unnecessary ports, protocols, and services on your host operating system and on applications like SQL Server.See SolarWinds Platform Product Features Affected by Internet Access. If you must enable outbound internet access from SolarWinds servers, create a strict allow list and block all other traffic. Be careful not to expose your SolarWinds Platform website on the public internet.Special attention should be given to the following points from the documentation: SolarWinds products do not use JMSAppender, and are not known to be affected by the vulnerability identified in CVE-2021-4104. Ensure only authorized users can access the SolarWinds Platform. Users should upgrade to Log4j 2 as it addresses numerous other issues from the previous versions. It is important to note no exploits of this vulnerability have been reported in the wild. If exploited, this vulnerability could allow access to files relating to the Serv-U installation and server files. SolarWinds also recommends customers to follow the guidance provided in the SolarWinds Secure Configuration Guide. An external security researcher reported a Directory Transversal Vulnerability in Serv-U 15.3. ![]() ![]() The expected release is by the end of February 2023. SolarWinds recommends customers upgrade to SolarWinds Platform version 2023.1 as soon as it becomes available.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |