Servers for Windows security considerations

For the latest, most advanced host monitoring, check out New Relic Infrastructure.

To gather the most comprehensive information about your processes and services, Servers for Windows runs as a LocalSystem account.

LocalSystem

Servers for Windows must run in the context of a LocalSystem account, or with an account with equivalent access rights. Since a LocalSystem account has complete, unrestricted access to local resources, this allows Servers for Windows to gather, compare, and show extremely precise information about your server's health. This includes CPU usage, physical memory, disk I/O utilization, and alert notifications. In addition, it gathers extensive process or service information, which appears on your New Relic Servers > (selected server) > Processes tab.

The LocalSystem registry key is associated with the default user, not the current user. This allows Servers for Windows to operate automatically, without the need for a system administrator or other authorized user to sign in. Default privileges include auditing, debugging, starting and stopping the service, etc.

The system administrator can also manage these functions with the built-in configuration utility.

LocalService

Servers for Windows uses LocalSystem rather than LocalService because LocalService has minimum privileges on a local computer, and it would present anonymous credentials to the network. In addition, the only process information gathered with LocalService are metrics pertaining to Servers for Windows itself. It does not gather metrics on any other process or service.

In contrast, LocalSystem has extensive privileges without requiring additional security credentials, and it acts as a computer on the network. This helps to ensure that Servers for Windows provides easy, robust processes for installation, upgrades, and uninstalls that involve minimal system administrator effort.

For more help

Additional documentation resources include:

Discuss New Relic Servers in the New Relic Online Technical Community! Troubleshoot and ask questions, or discuss Servers for Linux or Servers for Windows in detail.

If you need additional help, get support at support.newrelic.com.