Is it safe to have the Kacev1000 on the DMZ so it can be publicly facing?

We have been having issues reaching a lot of our mobile devices with KACE scripts and updates. We want to put our KACE SMA on the DMZ so we can have our mobile devices be able to make receive scripts from the KACE appliance. Is this a viable way of doing that? Or is that too insecure?

0 Comments   [ + ] Show comments

Answers (3)

Posted by: jleitsch 3 weeks ago
Purple Belt

It is entirely viable as long as you follow best practice at the firewalls. We do not have a DMZ but instead use NAT for our appliance with only the public IP port 443 forwarded. This allows for agent communication and User/Admin interface from the outside also.

Here are the port/url requirments

Posted by: KevinG 2 weeks ago
9th Degree Black Belt

You may want to refer to this knowledge base article.  Best Practices for Securing your SMA (267753)


Posted by: Hobbsy 3 weeks ago
Red Belt

Perfectly safe, particularly if you upgrade to v11 of the SMA which introduces token authentication for any device checking in

This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ