Search code examples
zabbixprivate-network

Zabbix monitor devices in private network from outside

I have zabbix-server with Public IP on AWS (EC2 Amazon Linux 2). I would like to use this server to monitor devices (VMs, printers etc.) inside our company private network. I have full access to the network/devices and AWS EC2 instance. Should I install zabbix-proxy in company network and then set up connection between zabbix-server and endpoint which has static public ip with port-forwarding? Or just port forwarding?

Solution

  • Zabbix proxy is the recommended method. Several benefits over directly monitoring the endpoints:

    • Reduces the needed connectivity between the sites to a single TCP port.
    • Reduces the amount of network traffic.
    • All traffic can be easily encrypted between both sites.

    Proxy can operate in either active or passive mode:

    • Active - proxy connects to the Zabbix server (likely preferred in this case).
    • Passive - Zabbix server connects to the proxy.