Ad Widget

Collapse

Which version to use and if any vulnerabiltiy

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Abinash
    Junior Member
    • May 2026
    • 5
    #1

    Which version to use and if any vulnerabiltiy

    I am setting up an enterprise level project and want to use zabbix as monitoring tool.
    i am confused b/w 7.0 vs 7.4 , which version to use.

    I am using two servers for monitoring and using mariadb galera as a database and a galera arbitrator for quorum vote.
    I am using keepalived and rsync process.

    Kinldy suggest me any other information to make it more better and robust.

    Also is there any vulnerability or loop hole in the code of zabbix that can be a threat for an enterprise level, as i am new to the tool.
    Last edited by Abinash; Yesterday, 12:43.
    Tags: None
    • cyber
      Senior Member
      Zabbix Certified SpecialistZabbix Certified Professional
      • Dec 2006
      • 4910
      #2
      .0 versions are LTS versions, they are supported longer than intermediate ones.. https://www.zabbix.com/life_cycle_and_release_policy
      Security related info can be found https://www.zabbix.com/zabbix_security_policy also security advisories are available https://www.zabbix.com/security_advisories

        Comment

        • Abinash
          Junior Member
          • May 2026
          • 5
          #3
          Thanks for the reply, can you help me with the High Availability part for 2 servers where i want to install zabbix 7.0.

          i want that both the servers should have zabbix 7.0, and it should work as HA, but the database should alwyas be in rsync .

          can you suggest some good approach.

          Currently i am using :

          mariadb Galera and Arbitrator,
          Keepalived
          VRRP.
          zabbix 7.0 as monitoring tool .
          Kindly help me with some good suggestions to make it enterprise level

            Comment

            • irontmp
              Member
              • Sep 2023
              • 58
              #4
              Originally posted by Abinash
              I am setting up an enterprise level project and want to use zabbix as monitoring tool.
              i am confused b/w 7.0 vs 7.4 , which version to use.

              I am using two servers for monitoring and using mariadb galera as a database and a galera arbitrator for quorum vote.
              I am using keepalived and rsync process.

              Kinldy suggest me any other information to make it more better and robust.

              Also is there any vulnerability or loop hole in the code of zabbix that can be a threat for an enterprise level like men widow’s peak styles, as i am new to the tool.
              Go with Zabbix 7.4 if it’s available and stable in your repo, since it will include newer fixes and security improvements. Your setup already looks solid with Galera + arbitrator and keepalived. Just make sure DB performance is tightly monitored, and consider using Zabbix proxies if you scale or add remote locations. Also enable TLS between components and keep regular backups outside the cluster. Zabbix is generally safe for enterprise use. The main risks come from outdated versions or poor configuration, not inherent flaws. Keep it updated, lock down access, and follow least-privilege practices for users and API.

                Comment

                • Abinash
                  Junior Member
                  • May 2026
                  • 5
                  #5
                  Thanks for the reply!!

                  Can you let me know if zabbix 7.0 is also suitable in my scenario, as its support time is 2029, where as for zabbix 7.4 is end of 2026.

                  If you could let me know.

                    Comment

                    Previous template Next
                    Working...