secured JMX monitoring from local machine
We have a customer request for secured JMX monitoring ,a nd they are very strict on security.
the requirenments are:
JMX agaent can be accessed from the local machine only using tools like Nagios or jmxterm.
should be password protected.
should not expose any open post on the local network.
if we configure JMX with jmi connector and password authentication the the rmi port is available on the local network and a clever hacker can break it. of course one solution can be to block this port with a local firewal or some other way to block the port for access from outside the machine.
if we use the Attach API to start and access the JMX agent the password authentication is not available.
so the question is: what is the way to enablr JMX monitoring from the local machine only with password authentication and no port exposed to the local network.