Security of KACE SMA over the internet
We are planning to make our KACE SMA appliance accessible over the internet to manage mobile devices. I have a couple of questions related to the security of the KACE SMA.
Is there any form of authentication or cert involved during the agent provisioning/installation? Is it possible anyone who knows the URL of our KACE appliance can download the agent from the internet and enrol a random device into our KACE appliance?
Is a database of KACE appliance is encrypted?
Is it possible to disable the management/admin portal to be accessible over the internet? I think KACE use port 443 to manage the devices and the same port number is used to access admin portal.
Any recommendations or best practices to make the appliance more secure over the internet?
Answer Chosen by the Author
Hi, You might want to read this:
(there is a good PDF attached at the end as well),
and read this: