Is it safe to have the Kacev1000 on the DMZ so it can be publicly facing?
We have been having issues reaching a lot of our mobile devices with KACE scripts and updates. We want to put our KACE SMA on the DMZ so we can have our mobile devices be able to make receive scripts from the KACE appliance. Is this a viable way of doing that? Or is that too insecure?
It is entirely viable as long as you follow best practice at the firewalls. We do not have a DMZ but instead use NAT for our appliance with only the public IP port 443 forwarded. This allows for agent communication and User/Admin interface from the outside also.
Here are the port/url requirments
You may want to refer to this knowledge base article. Best Practices for Securing your SMA (267753)