Hi Guys,

I'm wondering who has the ODBC connection option enabled for the Kace box. Our kbox is in our dmz (outside the firewall) and I'm concerned about enabling this option. Has anyone else used this option, was there any additional security that you enabled?


Here's the kace option:

Enable database access:
The K1000 database is accessable via port 3306, to allow you to run reports via an off board tool like Access or Excel. If you do not need to expose the database in this way, you can uncheck this option
0 Comments   [ + ] Show Comments

Comments

Please log in to comment

Rating comments in this legacy AppDeploy message board thread won't reorder them,
so that the conversation will remain readable.

Answers

0
Your DMZ should still be behind a firewall just less protected. Do you really have tcp port 3306 open to the internet?
Answered 09/27/2011 by: GillySpy
Seventh Degree Black Belt

Please log in to comment
0
DMZ does not equal "outside the firewall". Ideally you'd run two firewalls (one in between the DMZ and internal network, and one between the DMZ and external router). It would be much safer to keep the KBOX behind a firewall; then you can block external access to all ports that are not required for regular K1000 use. You'd only need to open a few ports back in to the KBOX to make it accessible to the internet without exposing the entire server.

We use ODBC daily, but our KBOX is not accessible externally.
Answered 09/27/2011 by: airwolf
Tenth Degree Black Belt

Please log in to comment
Answer this question or Comment on this question for clarity