See www.zabbix.com for the official Zabbix site.
Active agent authentication
AUTHENTICATION MODULE FOR ZABBIX AGENT
This patch provides an implementation to authenticate active agents to the server before allowing the agent to send monitoring data.
The authentication module adds two new options to the host configuration: an authentication enabled flag and a password field.
With the authentication enabled, the agent must send the authentication request to the server with the SCRAM-SHA1 authentication scheme. The server will only accept and update active and passive monitoring data from authenticated agents.
An authenticated session of an agent will be maintained so long the connection is actively maintained -- either through receiving responses from passive checks or that the agent sends the request for the active checks list.
Should the agents becomes offline for 6 minutes since the last network activity with the server, the authenticated session will be timed out and the agent must reauthenticate itself again.
The change is backwards compatible with 1.8 agents.
The current implementation is currently designed to work and compile under Linux, some extra work may be necessary to include libgsasl in the Windows builds. Authentication is not enforced for the following clients:
- Between nodes
- To Zabbix proxies
- zabbix-get and zabbix-send doesn't have authentication support built-in yet
Zabbix forum thread
Community discussion is taking place here: http://www.zabbix.com/forum/showthread.php?t=20403
More information and installation instructions can be found here: Active_agent_authentication_tech