• Metric Name: interfaces_with_remote_access
  • Category: Network & Infrastructure
  • Query:
Network.InterfacesIPv4[?ManagementHttps == `true` || ManagementHttp == `true`].{
  Interface: Name,
  Zone: IpAssignmentZone,
  IP_Address: IpAssignmentModeStaticIp,
  HTTP_Enabled: ManagementHttp || `false`,
  HTTPS_Enabled: ManagementHttps || `false`,
  SSH_Enabled: ManagementSsh || `false`
}
  • Description:
Identifies all network interfaces where remote access is enabled via HTTP, HTTPS, or SSH. This includes both management and user login services that may expose interfaces to remote access.
  • Purpose:
Helps surface potential security risks by identifying interfaces that may be unintentionally exposed to the internet or external users.
  • How it Works:
This metric queries Network.InterfacesIPv4 and filters interfaces where any of the following are true:
    • ManagementHttps
    • ManagementHttp
    • UserLoginHttps
    • UserLoginHttp
For each matching interface, the following details are returned:
    • Interface: Name of the interface
    • Zone: Assigned IP zone
    • IP_Address: Static IP (if set)
    • HTTP_Enabled, HTTPS_Enabled: Whether management access is enabled
    • UserLogin_HTTP, UserLogin_HTTPS: Whether user login is allowed
    • SSH_Enabled: Whether SSH management is enabled
  • Beneficiaries:
    • IT Admins
    • Security Teams
    • MSPs (Managed Service Providers)
    • Compliance Officers
  • Customization & Notes:
    • Filter by Zone or IP Range: Add conditions to limit results to Zone == "DMZ" or specific subnet ranges.
    • Add Device Info: Join data from the root object to include device name, serial number, or location.
    • Track Over Time: Use Inspectors with Timeline to monitor when remote access settings change.
    • Alerting: Combine with a Liongard alert to trigger notifications when insecure access is detected.
    • Ticketing Integration: Auto-create tickets when HTTP or SSH is found on exposed interfaces.
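A zone-scoped variant of the metric, following the "Filter by Zone" note above. This is an added example, not Liongard's own query: it assumes the UserLoginHttp, UserLoginHttps and ManagementSsh fields named on this page are present on each interface, uses 'DMZ' as the zone value from the note, and adds a hypothetical Cleartext_Exposed column. It goes beyond the base query by also matching interfaces where only SSH or user login is enabled.

```jmespath
Network.InterfacesIPv4[?
  IpAssignmentZone == 'DMZ' &&
  (ManagementHttp == `true` || ManagementHttps == `true` || ManagementSsh == `true` ||
   UserLoginHttp == `true` || UserLoginHttps == `true`)
].{
  Interface: Name,
  Zone: IpAssignmentZone,
  IP_Address: IpAssignmentModeStaticIp,
  HTTP_Enabled: ManagementHttp || `false`,
  HTTPS_Enabled: ManagementHttps || `false`,
  UserLogin_HTTP: UserLoginHttp || `false`,
  UserLogin_HTTPS: UserLoginHttps || `false`,
  SSH_Enabled: ManagementSsh || `false`,
  Cleartext_Exposed: (ManagementHttp == `true` || UserLoginHttp == `true`)
}
```

The filter runs before the projection, so it must test the source field IpAssignmentZone rather than the output alias Zone. In JMESPath a string literal is written 'DMZ'; a double-quoted "DMZ" is read as a field name.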