SMA (K1000)

Please tell us how you’d like to see the Systems Management Appliance product improved!

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Desktop alerts (colors, position, sectional areas)

    We are currently using other software to notify our users of issues going on (network down, websites down, security info, application issues, threat levels, etc.) We would like to be able to change the colors of the alerts window, change the size of the alert window, and be able to re-position the alert window. Also section off the who, what, where, when, contact info, etc in the alert window. If some of these capabilities could be added to the alert window that would help us with using KACE as a one stop shop for our admins and users.

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Free SSL certificates from Let's Encrypt

    Add the ability to get a free SSL certificates from Let's Encrypt (www.letsencrypt.org) and have it auto-renew with their client.

    You are able to use their certificates without the client but they expire after 90 days making them hard to manage in the long term.

    54 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. Optional credentials

    It would be nice to have the option for credentials. Currently, if a function has a credentials field, its required. Sometimes some things hit a RO anonymous share and throwing credentials at it causes it to fail.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. Add Support for SCAP and OVAL on linux Systems.

    Support existing requests for SCAP and OVAL on linux.
    ESMEA-319: SCAP Support for Linux and
    ESMEA-406: Oval Support for Linux OSes

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. User Portal - Allow customers to run security patch schedule on their own mobile laptop on-demand, to suite their own schedule

    User Portal - Allow customers to run security patch schedule on their own mobile laptop on-demand, to suite their own schedule.

    Customers' work schedules vary greatly. Some run processes that can be interfered with by security patching jobs. They need to schedule their own time to install patches when no purported conflicts with running software could negatively impact their work.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Add Application Whitelisting

    Add Application whitelisting, this is a type of endpoint protection where, by default, all applications are blacklisted and only known good applications are allowed.

    These Known-good applications are kept in a list, KACE seems to have a fairly extensive list of application and signatures which could possibly be leveraged for this purpose.

    Lumention offers this service as part of their suite of endpoint management which competes with KACE. I would like to see this added to KACE;

    61 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    This is under consideration but not planned for the next release, Please continue voting if you’d like to see this feature prioritized for a future release.

  7. Do not Auto-Fill Login Username

    As part of the medical industry, we have adhere to HIPAA security standards. Because of this we would like the Username to work like a banking site and not allow the username to be saved and Auto-Filled.
    Here is a code example.
    https://developer.mozilla.org/en-US/docs/Web/Security/Securing_your_site/Turning_off_form_autocompletion

    Thanks

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. Dell Updates progress message

    Add the ability to show a progress message on Dell Updates, similar to that already available in the patching section to let users (or other IT staff) know when Dell updates are being installed. Currently after the initial message, the only way to tell is to look at the web console for each device.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. Limit MySQL access to specific IP addresses

    Our Security team has run vulnerability scans against the Kace K1000 and it currentloy shows 130+ vulnerabilities 95% of which are related to MySQL.

    What is most desired to mitigate the vulnerabilities is a limitation of MySQL access by source IP address, this would mitigate the exposure of the system. We know that MySQL already has a table to do limit access itself, however the KACE GUI doesn't make access to those MySQL built-in components.

    11 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. Upgrade to Windows 10 via K1000

    What will be the plan for upgrading Windows 7 & 8 computers through K1000? We have Windows Update set to be handled via K1000, so users cannot use Windows Update, nor would we want to manually sign each computer up to have the option to upgrade to Windows 10 when it releases.

    An option to have the K1000 do this for us would be great and save people a lot of time.

    66 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Patching alert improvements

    Past experience shows that whenever a set of patches is applied, even if “No Reboot” is chosen that a large percentage of the time the workstation is booted anyway. We don’t use this option anymore. We have one schedule set to detect … and another schedule set to deploy. The deploy job has an alert and is set to force a reboot. This allows our users have a chance to consent to a reboot during the day (laptops).

    I just spoke with a support person and they confirmed that a deploy job has a max timeout of 1 hour, no…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. Restrict Number of Login Attempts

    The server needs the ability to lock access after specified number of failed login attempts. This would help protect the server against brute force attacks.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. Access Control List Needs Ability to Restrict Management Console Only

    The access control list allows you to restrict access to certain IPs for the entire KACE server. It would be helpful to be able to create separate restrictions for the user console and management console. For example, allow all IPs to connect to the user console, restrict certain IPs for the management console.

    2 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. Endpoint Local Admin Password Management

    During a Security Audit, it was determined that having the same local administrator password the same on all endpoints is a security risk. Re-setting and storing individual endpoint's local admin password in the K1000. I believe this would be a stellar security feature, allowing K1000 helpdesk to view local admin password for each endpoint.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. Granular access control in regards to which scripts can be run and how

    I would love to give my help desk direct access to our kbox in a limited fashion. I would need to limit the specific scripts that they can run, and possibly the number of machines they can run the script on at once.
    It would be absolutely horrible if someone were to reboot all 14,000+ agents we have at the same time.

    12 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. Enhenced Proxy settings should be support client side ssl import and settings. Websense wants to client ssl for internet access.

    It should be enhenced Proxy settings. Some customers use client side ssl request for internet access. For example Websense, Aventail SSL wants to client ssl for internet access after that give internet acces. Dell Kace products don't have Proxy settings for Proxy certificates.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. Allow staged device Patch Schedule

    I would like the possibility to create a patching schedule which stages the installation of the patches for the associated devices. For example, a patch schedule with 3 devices, where the first device is installed with all the patches. Once completed (succesfully) the second associated device then begins, and so on. The idea behind this is for only 1 "server" to be patched at one time and to avoid reboots occurring at the same time.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. Patch Installation Status View

    We need a view to show all the computers and their patching level based upon the patch groups it is assigned to. That way we can easily see which computers are not fully updated. Also the view should be sortable by column. Also when we click on the computer in that view it should show which patches are missing or the errors it is having trying to update the machine.

    0 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  19. SSL settings should allow requesting SAN certificates (Subject Alternative Names)

    In the CSR request process a feature should be added to allow SAN certificates. This would help clients access the K1000 with a variety of internal and external host names without certificate errors.

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    5 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. Label Permissions

    Allow a way to create a User Group to only have rights to specific Smart Labels. We are a Global Company and I do not want my EMEA Help Desk groups to be able to push MI's, Run Scipts, etc. on machines that are part of certain labels or do not fall under their control. They should have read access to all of the computers but only have the ability to manage their group of machines/labels. We cannot do multiple Org's so having this implemented would solve our issues.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base