Security covers the following topics relating to SentryOne security, including required permissions for the various SentryOne components:
|Monitoring Service Security||This topic discusses the permissions required by the SentryOne monitoring service account when watching (monitoring) instances.|
|Client Security||This topic discusses the permissions required when running the SentryOne client, including scenarios in which the client connects directly to a monitored target.|
|Portal Security||This topic provides more information about security requirements for the service and users.|
|Encryption||SentryOne provides multiple options for data encryption at rest and in transit. The SentryOne database can be encrypted using Transparent Data Encryption (TDE).|
To protect data in transit, the connections between the SentryOne database server, SentryOne monitoring services, and the SentryOne client can be encrypted using 128-bit Transport Layer Security (TLS). See the Encrypt Network Traffic item in the Advanced Properties section of the Managing Connections article for details.
See the SentryOne Portal Configuration article for instructions on using the Portal Configuration Utility to encrypt network traffic for SentryOne Portal and apply an SSL certificate.
|Watching Targets Across Domains||This topic is a brief overview of the options available for Watching (monitoring) targets across domains, including information about Pass-through Authentication and configuring SentryOne sites within your environment.|
|Non-Windows Environment||This topic discusses the options for Watching (monitoring) instances in a non-Windows environment, including Pass-through Authentication.|
|SentryOne Performance Analysis||This topic discusses advanced information about the Performance Analysis security requirements, including port requirements for monitored targets.|
|Azure SQL Database and Data Warehouse||This topic covers security aspects specific to Azure SQL Database and SQL Data Warehouse.|
|Rights Based Security||This topic discusses restricting user access within the SentryOne client based on Windows and SQL Server authentication accounts.|
|Role Based Security||This topic discusses restricting user access within the SentryOne client based on SentryOne database roles.|
Additional Information: For more information about SentryOne security, see this Hardening SentryOne for Security blog post.