Security Overview

Security covers the following topics relating to SentryOne security, including required permissions for the various SentryOne components: 

Security TopicDescription
Monitoring Service SecurityThis topic discusses the permissions required by the SentryOne monitoring service account when watching (monitoring) instances.
Client SecurityThis topic discusses the permissions required when running the SentryOne client, including scenarios in which the client connects directly to a monitored target.
Portal Security
This topic provides more information about security requirements for the service and users.
SentryOne provides multiple options for data encryption at rest and in transit. The SentryOne database can be encrypted using Transparent Data Encryption (TDE).

To protect data in transit, the connections between the SentryOne database server, SentryOne monitoring services, and the SentryOne client can be encrypted using 128-bit Transport Layer Security (TLS). See the Encrypt Network Traffic item in the Advanced Properties section of the Managing Connections article for details.

See the SentryOne Portal Configuration article for instructions on using the Portal Configuration Utility to encrypt network traffic for SentryOne Portal and apply an SSL certificate.
Watching Targets Across DomainsThis topic is a brief overview of the options available for Watching (monitoring) targets across domains, including information about Pass-through Authentication and configuring SentryOne sites within your environment.
Non-Windows EnvironmentThis topic discusses the options for Watching (monitoring) instances in a non-Windows environment, including Pass-through Authentication.
SentryOne Performance AnalysisThis topic discusses advanced information about the Performance Analysis security requirements, including port requirements for monitored targets.
Azure SQL Database and Data WarehouseThis topic covers security aspects specific to Azure SQL Database and SQL Data Warehouse.
Rights Based SecurityThis topic discusses restricting user access within the SentryOne client based on Windows and SQL Server authentication accounts.
Role Based SecurityThis topic discusses restricting user access within the SentryOne client based on SentryOne database roles.

Additional Information: For more information about SentryOne security, see this Hardening SentryOne for Security blog post.