Potentially if solarwinds account has access to their radius or TACACs log ins. Typically not as it’s would have to be a common id across all network elements with a common login in from the server. Again it’s just typically monitoring and reporting software with a northbound interface in the customers I deal with. If there is a back door, it would need to be set up on the Appliance or vm. If solarwinds is set up to provision, that is a different discussion. The work I’ve done with the 3 letter agencies didn’t show that at all and the fips requirements were tight. I do t see it
Correct me if I'm wrong, but if someone has access to SolarWinds, wouldn't they be able to remotely access any machines using their RMM?
Potentially if solarwinds account has access to their radius or TACACs log ins. Typically not as it’s would have to be a common id across all network elements with a common login in from the server. Again it’s just typically monitoring and reporting software with a northbound interface in the customers I deal with. If there is a back door, it would need to be set up on the Appliance or vm. If solarwinds is set up to provision, that is a different discussion. The work I’ve done with the 3 letter agencies didn’t show that at all and the fips requirements were tight. I do t see it