Limiting access to the WhatsUp Gold Administration Console

The Administration Console Windows application (WhatsUp Gold Console) does not log user actions and it does not enforce device group access rights. Users accessing the Administration Console can perform operations including setting web user passwords, ping, and traceroute operations on any device regardless of its device group associations.

Ipswitch recommends limiting use of the Administration Console to only trusted administrators such as the default Admin account, or to initial WhatsUp Gold configuration procedures like setting FIPS mode and ongoing (but occasional) procedures like WhatsUp Gold backup and restore operations.

To block access for most users:

• Limit the Access WhatsUp Gold Console user right to only the default Admin account.
• If WhatsUp Gold is not operating with FIPS Mode enabled, the Access WhatsUp Gold Console user right is not available. In this case, rely on the Windows administrator password to block users from accessing the Administration Console.

See Also Security Guidelines Security guidelines overview Security best practices Limiting Access to the WhatsUp Gold Tools and Utilities Issuing User Rights and Device Access Rights conservatively Monitoring WhatsUp Gold health and disk usage to prevent data loss Set the WhatsUp Gold server platform to use FIPS cryptography Using WhatsUp Gold password management