[NMS-14030] Doc Update: Don't expose ONMS console to Internet - The OpenNMS Issue Tracker

XML

Word

Printable

Details

Type: Enhancement
Status: Resolved (View Workflow)
Priority: Trivial
Resolution: Fixed
Affects Version/s: Meridian-2021.1.11, 29.0.6, Meridian-2022.1.0
Fix Version/s: None
Component/s: Documentation, Documentation/Installation
Security Level: Default (Default Security Scheme)
Labels:

Epic Link:
OpenNMS Pen Testing
Sprint:
Docs - Feb 7 - March 4
Docs Needed:

Yes
Internal Priority:

Medium High
Doc Backlog Status:
DB
Acceptance / Success Criteria:

Hide

Updated documentation available online.

Show
Updated documentation available online.
Estimated Days:
0.5

Description

Update Meridian and Horizon docs with a warning about exposing the Web UI Console and Login page to the Open Internet. Something like:

OpenNMS Horizon and Meridian were designed to run within an organization's protected intranet. The web console and login pages must not be directly exposed to the Internet without appropriate isolation controls (e.g., a VPN with multi-factor authentication).

OpenNMS also provides other cloud-based products which are designed for use from the Internet, which have appropriate controls for use across the Internet.

(I'm not sure if we need the second paragraph.)

Attachments

Activity

People

Assignee:: Bonnie Robinson

Reporter:: Jeff Jancula

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 22/Feb/22 4:00 PM

Updated:: 23/Feb/22 2:58 PM

Resolved:: 23/Feb/22 2:58 PM

Time Tracking

Estimated:

Remaining:

Logged:

Not Specified