Network Management Systems (NMS) have tendrils whose reach is far and wide, touching many systems
throughout an organization. Many of these may be high-value systems, including the highly critical network infrastructure itself. NMSs often have privileged credentials (such as Service Accounts) stored within them.
For this reason, NMSs themselves are a high-value target. A compromised NMS has a high potential be used to gain access to managed endpoints and, often closely coupled administrative systems. NMS is an ideal foothold for an attacker to begin lateral movement.
Given both the potential reach and the possibly privileged access, utilising both an appropriate security
architecture, coupled with the relevant security controls, is recommended as a critical initiative.
