Secure monitoring with Zabbix
Zabbix is an open-source software used to monitor IT equipment such as servers, network equipment, virtual machines, etc. In an installation with Zabbix, there are Zabbix proxies with the task of collecting information from its nearby equipment and to forward this information to a centrally located Zabbix server. The Zabbix server compiles the information and makes it available to an operator. The operator can define views, graphs, alarm conditions, etc. to facilitate and streamline their work.
An attack on Zabbix where an attacker by exploiting vulnerabilities in the communication paths succeeds at remotely executing arbitrary code in Zabbix server or Zabbix proxy would be catastrophic, as it could spread to all interconnected systems. Even one, simpler attack that temporarily disrupts the availability of monitored systems would also most likely cause significant problems and large costs. Therefore, it is important to closely monitor the communication and thus reducing the attack vectors against the servers.