Monitoring servers across the internet
Posted: Wed Mar 25, 2020 10:37 am
Hi there
I need to monitor a few servers across the internet in AWS, from what I understood there are 2 possibilities:
1) check_ec2.py (from what I understood uses a boto client on port 443, I assume it is encrypted right?)
2) check_nsclient on port 5666 with a password and a source ip filter on both firewalls to the Nagios
Regarding the security point of view i have the following questions:
1) Is the traffic check_ec2.py encrypted?
2) Is it advisable to use these methods through the internet?
3) Would it be better to create a vpn site to site between the Nagios and AWS to protect these traffic?
4) Are there other methods more secure to protect this traffic ?
5) Is nsclient with a password enough or you would recommend further security?
Thanks in advance
diego
I need to monitor a few servers across the internet in AWS, from what I understood there are 2 possibilities:
1) check_ec2.py (from what I understood uses a boto client on port 443, I assume it is encrypted right?)
2) check_nsclient on port 5666 with a password and a source ip filter on both firewalls to the Nagios
Regarding the security point of view i have the following questions:
1) Is the traffic check_ec2.py encrypted?
2) Is it advisable to use these methods through the internet?
3) Would it be better to create a vpn site to site between the Nagios and AWS to protect these traffic?
4) Are there other methods more secure to protect this traffic ?
5) Is nsclient with a password enough or you would recommend further security?
Thanks in advance
diego