- Restrict Zabbix server (
10051/tcp) to trusted networks.
- Limit web UI access to admin subnets.
- Use HTTPS for the web UI.
¶ Authentication and Access
- Enforce strong admin passwords and MFA if available.
- Use least-privilege roles for operators.
¶ Agents and Proxies
- Use Zabbix proxies in remote sites.
- Encrypt agent connections where supported.
- Run services as dedicated users.
- Keep templates and agents updated.
Do you need help or support? Feel free to contact us!