/build/static/layout/Breadcrumb_cap_w.png

Best Practices Question


Security of KACE SMA over the internet

08/06/2019 875 views

Hello All,

We are planning to make our KACE SMA appliance accessible over the internet to manage mobile devices. I have a couple of questions related to the security of the KACE SMA.

Is there any form of authentication or cert involved during the agent provisioning/installation? Is it possible anyone who knows the URL of our KACE appliance can download the agent from the internet and enrol a random device into our KACE appliance?

Is a database of KACE appliance is encrypted? 

Is it possible to disable the management/admin portal to be accessible over the internet? I think KACE use port 443 to manage the devices and the same port number is used to access admin portal.

Any recommendations or best practices to make the appliance more secure over the internet? 

Thank you

Answer Summary:
1 Comment   [ + ] Show comment

Comments

  • Good question, we are in the process of getting this done so would like to know the answer to this also.

Answer Chosen by the Author

All Answers

0

If your KACE box is externally facing, one best practice is much more Asset management related. When disposing of an Asset, in this case, a Device that has the agent installed, you must make sure that the agent is removed, or better still the device is completely wiped before disposing of. Otherwise you may find the device continues to check in to your SMA and consumes a license.

Answered 08/08/2019 by: Hobbsy
Red Belt

 
This website uses cookies. By continuing to use this site and/or clicking the "Accept" button you are providing consent Quest Software and its affiliates do NOT sell the Personal Data you provide to us either when you register on our websites or when you do business with us. For more information about our Privacy Policy and our data protection efforts, please visit GDPR-HQ