KACE Systems Management Appliance (SMA)
Please tell us how you’d like to see the KACE Systems Management Appliance product improved!
13 results found
-
Sub-Administrator Level Roles
Allow for a role that has access only to certain machines and the ability only to create and modify their SW distributions, but have access to shared distributions. An alternative would be allowing more than one organization to share software distributions and other resources
382 votesCompleted in SMA v8.0 and Generally Available on 11/14/2017
-
Read/ Write API Access to all Modules
I would like the ability to create a user that has write access to just the Asset tables of the K1000.
This would then give us the opportunity to write a mobile App that would let us scan an asset tag barcode and display the info on the screen and if the details for that asset eg: location, owner etc were not correct they could be altered on the spot without having to write down lists or carry a laptop around.193 votes -
Multi-Factor Authentication
We need the option to authenticate users again a RADIUS server for Two-Factor authentication.
158 votesCompleted in 9.0 release 8/20/2018
-
Free SSL certificates from Let's Encrypt
Add the ability to get a free SSL certificates from Let's Encrypt (www.letsencrypt.org) and have it auto-renew with their client.
You are able to use their certificates without the client but they expire after 90 days making them hard to manage in the long term.
108 votesThis feature was added in v13.0. Review release notes and downloads here:
-
Add support for TLS 1.1 and 1.2
All customers subject to NIST and PCI DSS are in the process of disabling SSLv3 and TLS1.0 on all their systems. KACE needs to add support for TLS 1.1 or 1.2 for the appliance web portals and clients communication in order for us to still be able to use the product. If you disable SSLv3 (as recommended by everyone) according to technical support (SR Number:2819691) this breaks the HTTPS client communication with the appliance.
63 votesStarting in version 7.0, the K1000 Systems Management Appliance supports and prefers version 1.2 of the Transport Layer Security (TLS) protocol in the appliance web portals and client communication. Versions 1.1 and 1.0 are also supported, but version 1.2 is preferred.
-
reverse proxy
Supporting a reverse proxy setup or providing guidance on how to set up a reverse proxy for the K1000 would be very beneficial for added security. The setup would be something like this:
K1000 appliance on the internal network behind a firewall
A reverse proxy on the DMZ (e.g. IIS 8 with ARR)Currently trying to set this up is a huge headache and I'm running into all sorts of issues and problems. It would be better from a security standpoint if the K1000 sat behind a reverse proxy.
A specific use case would be when an organization has an…
16 votesIf this does not address the root request and reverse proxy per se is required, please create another UserVoice request.
The new agent security features in 11.0 are designed to support agents connecting to an SMA inside the firewall from outside the firewall. This can be accomplished either by port forwarding at the firewall or by configuring a Reverse Proxy in the DMZ to forward https traffic on port 443 with the Server Name Indication set to “konea” to the SMA. This will allow external agents to connect to the SMA while blocking web browsers from accessing the SMA externally.
-
Add to Dell update catalog Dell Venue
Add to Kace k1000 Dell update catalog the Dell Venue family.
10 votesIn 6.3, the K1000 will support updating the BIOS of Venue 11 tablets. Venue 8 tablets will not be supported.
-
Automate changing local admin passwords on large Organizations
We are required by Policy to change local admin passwords quarterly and upon staff departure. This results in over 600 manual password changes.
Does Quest have a way to automate this, or could a Tool/KBin be created so we can input a password and apply it to our servers?
d
7 votescompleted ·
AdminKent Feid
(Director of Product Management | Data Protection & KACE Unified Endpoint Management, Quest KACE)
responded
We are excited to announce that as part of the KACE SMA 12.0 release, we have made multiple user management and credential enhancements. As part of these enhancements, we have added the ability to disable/delete the local built-in admin account, which takes away the need to change the password on a reoccurring basis to meet your companies password security policy. This enhancement applies to both Org and Non-Org appliances. This approach, therefore, provides you the flexibility of using either LDAP or SAML to manage all user credentials taking on the password complexity and change cadence defined by your preferred methodology. Additionally, for customers leveraging Org's, we have added the ability to use LDAP/SAML as a means of authenticating at the system level with the option of making a specific role a global admin. If enabled, it automatically allows a user in that group to gain admin access to…
-
Add Support for SCAP and OVAL on linux Systems.
Support existing requests for SCAP and OVAL on linux.
ESMEA-319: SCAP Support for Linux and
ESMEA-406: Oval Support for Linux OSes6 votesCompletd in SMA 11.1
-
Provide a way to encrypt the mySQL database traffic.
Al other traffic has this ability. i'd like to offer out external reporting units this ability without needing to setup VPN access to my net.
3 votesRelease 5.3 supports secure ODBC connectivity. Version should be available in the next 2 weeks.
-
Lock Down /adminui to internal IP address range
Lock down /adminui to internal IP address range. Organizations need to allow access to /userui globally, but limit access to /adminui.
3 votesThe Local Web Server Configuration option will allow you to specify acceptable IP ranges for all three consoles: adminui, systemui, and userui.
-
Separate Helpdesk Users and Roles from System Management
Allow for the helpdesk to be run by the helpdesk. Give helpdesk administrators the ability to create and assign helpdesk functionality roles without giving them the ability to create and assign roles for non-helpdesk sections of the KACE. IE, currently giving helpdesk admins the ability to grant users ticket processing functions, they are also able to make themselves or anyone else full administrators for the KACE.
1 voteUsers and Roles were moved under Settings as part of the 5.5 release
-
Add XPS 13 to Dell Update Catalog
Why aren't all the latest models supported?
1 voteXPS 13 updates are now in the catalog feed. See Dell XPS 13 9343 System BIOS, A01 for an example.
- Don't see your idea?