Permissions & Authentication
A more detailed discussion of how Liongard gains the permissions that it needs in order to do various types of inspections.
Liongard Agents run many different types of Inspectors against many different types of systems. As such, Agents and Inspectors authenticate to different systems in different ways depending on what management interfaces the system has available.
Cloud-Based API / Management Interface
When Liongard authenticates to a service with a public, web-facing API the authentication credentials are typically entered into the Liongard web interface where they are securely stored and used per-inspection job.
These Inspectors typically run through one of your Managed Cloud Agents since no privileged network access is required.
For Example...
- Webroot: Public-facing API authenticated using credentials entered into the Liongard web interface
- Microsoft 365: Microsoft Graph API (REST based)
- Amazon Web Services: Public-facing API authenticated using credentials entered into the Liongard web interface
On-Device API / Management Interface
When Liongard authenticates to a service with an API hosted on a local device like a firewall or to another local management interface like SSH, the authentication credentials are typically entered into the Liongard web interface where they are securely stored and used per-inspection job.
These Inspectors typically run through an On-Premises Agent since local management interfaces are usually not accessible from the public internet.
For Example...
- Cisco ASA: Connects via SSH and authenticates based on credentials or certificates input to the Liongard web interface
- Sophos XG: Connects to an API hosted on the local device based on credentials input to the Liongard web interface
Public Source Data
When Liongard is pulling data from public sources such as DNS, WHOIS servers, and public web services, no authentication is required.
These Inspectors typically run through one of your Managed Cloud Agents since no privileged network access is required.
For Example...
- Internet Domain: Pulls data from public DNS and WHOIS servers without any authentication.
- SSL / TLS: Pulls certificates and associated information from public-facing web servers without any authentication.
Updated about 1 year ago