Network Device Management

Last modified on August 28, 2024

StrongDM network device management allows your organization to modernize and secure privileged access to your network in on-premises environments. Network device management uses SSH username/password injection to authenticate to network infrastructure (such as routers, switches, and other physical hardware devices), which typically require a username and password for authentication. Using network device management, along with using best practice security measures, can help to improve security by preventing users from using unsecured local account credentials to access network infrastructure. This article describes how to set up network device management.

Prerequisites

  • Be a StrongDM administrator.
  • Know the username and password of the network device to be set up.

Setup

To set up network device management, add the desired network infrastructure to StrongDM as an SSH (Password) server.

  1. Log in to the Admin UI.
  2. Create the resource by going to Infrastructure > Servers and clicking Add server.
  3. Select SSH (Password) as the server type.
  4. Set all required properties for the SSH (Password) server. Pay particular attention to the following:
    • For Username, set the username of the network device.
    • For Password, set the password of the network device.
  5. After you have set all the required properties, click Create to save the resource.
  6. Test the connection to the network device (for example, use sdm ssh in the CLI to connect).

Next Steps

Set up everything else in StrongDM so that users in your organization can connect to the network device as well. You may wish to:

  • Create a role for accessing those network devices, and assign the role to users.
  • Create a policy, if your organization has the Enterprise plan enabled, to provide granular control, and optionally require MFA and approval workflows in order for access to be granted.

Configuration is now complete. Users who have access to the new SSH (Password) server may now use a username and password to authenticate with your network device.

Top