/build/static/layout/Breadcrumb_cap_w.png
08/06/2019 331 views

Hello All,

We are planning to make our KACE SMA appliance accessible over the internet to manage mobile devices. I have a couple of questions related to the security of the KACE SMA.

Is there any form of authentication or cert involved during the agent provisioning/installation? Is it possible anyone who knows the URL of our KACE appliance can download the agent from the internet and enrol a random device into our KACE appliance?

Is a database of KACE appliance is encrypted? 

Is it possible to disable the management/admin portal to be accessible over the internet? I think KACE use port 443 to manage the devices and the same port number is used to access admin portal.

Any recommendations or best practices to make the appliance more secure over the internet? 

Thank you

Answer Summary:
1 Comment   [ + ] Show comment

Comments

  • Good question, we are in the process of getting this done so would like to know the answer to this also.

Answer Chosen by the Author

All Answers

0

If your KACE box is externally facing, one best practice is much more Asset management related. When disposing of an Asset, in this case, a Device that has the agent installed, you must make sure that the agent is removed, or better still the device is completely wiped before disposing of. Otherwise you may find the device continues to check in to your SMA and consumes a license.

Answered 08/08/2019 by: Hobbsy
Red Belt