SMA (K1000)

Please tell us how you’d like to see the Systems Management Appliance product improved!

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Ubuntu Encryption Reporting

    Drive Encryption reports no data available on Ubuntu systems. Reporting needs to be added similar to how Kace reports BitLocker and/or FileVault.

    40 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Allow other roles to add and/or manage credentials

    Currently, the 'Credentials' section of Settings is only "editable" for users in the Administrator role. It would be much more flexible to allow users in other roles to edit (or at least add new) credentials.

    If someone is given rights to add new scripts, we would commonly want to also give them rights to use custom credentials for that script.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add option for "Max Concurrent Devices to Receive Patches"

    Currently we are using the K1000 to do all of our Windows patching. We have ran into the problem where we have some users who are on our VPN and never receive patches. Our bandwidth for our VPN is rather limited, so adding something in to say "only 2 people can receive patches at a time" for a specific schedule would be fantastic as it would reduce bandwidth consumption and allow us to patch our remote users consistently.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  4. User settable 2FA Settings, Fine-grained 2FA Settings

    The current 2FA implementation is extremely lacking. I only seem to be able to find the prompt to scan a 2FA code after first toggling it on, and then from the administrator panel when lookup up users. Virtually every other 2FA I've configured gives an option in user settings to manage their 2FA codes. Without letting users do that you are asking for lockout issues if a user has to get a new phone, this should not be hidden in the User administration area, unless admins want to hide that from users.

    Furthermore, we should have more fine-grained settings to…

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. Drive encryption compliance reporting at system level when ORGs are enabled.

    When ORGs are enabled, we need to be able to report drive encryption compliance at the system level for all devices within all ORGs.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Auto-retry failed patch detect and deploys

    Occasionally patch detection or deployment fails usually due to machines going offline. The failure is reported back in the stats but nothing is done about it and this can result in a machine remaining insecure for an extended period.

    I suggest detects and deploys auto-retry in a similar manner to Managed Installs do, say by default three times, next time the machine is online. This should ensure a higher success rate overall and I imagine would be easy to implement.

    Now that users have more control over reboots the resulting delay in the patch deployment (pushing it outside of the…

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. Import custom trusted root CA

    Being able to import your own trusted CA would be a nice feature going forward. This would allow decrypting all egress network traffic from K1000 to internet without issues.

    At the moment patch downloading fails due to SSL errors when you forward the traffic through SSL decryption proxy. Other issues also occur in the normal functionality.

    Without this feature it is not possible to decrypt the CDN traffic of KACE. When it comes to decrypting network packets, CDN traffic has the highest priority. This feature would also allow enterprises to fully deploy their Layer 7 inspection features and would that…

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. implement AWS compatibility

    We would like to implement the compatibility with AWS EC2

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. Add Dell Update support for Dell Embedded Box PC

    Please add dell update support for Dell Embedded PCs (5000 and 7000).

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. System level LDAP Authentication

    System level LDAP Authentication, and Roles.
    Allow the same mechanism used at the Org level for Authentication and Role assignment at the System level

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Ability to change konfig & netdiag passwords

    Please allow the ability to change all default system passwords.

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. secure ldap

    I would be good if the k1000 would not auto accept certificates for secure ldap from active directory - customer would like to get a way to create self sinned certificate forms for secure ldap , like the same thing you when you want to hook an ssl certificate to the k1000

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  13. The K1000 about page is visible to the public!

    The about page located at http://<K1000_HOSTNAME>/common/about.php contains contains summary information of the system and should be locked down.

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. The System Performance page (MUNIN) is visible to the public!

    The System Performance page or MUNIN must be secured and locked down to allow viewing only by system administrators. We cannot have this System Performance graph (https://<K1000_HOSTNAME>/munin/) visible to the public!

    5 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. Ability to change the webui port

    With agent communication going over 443 and the webui port being 443 as well the device cannot securely sit behind a radius firewall that requires dual factor authentication.

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. Issue a command to a PC before rebooting after updates are applied by kace

    I would really appreciate if k1000 would allow me to run a script or a command before rebooting a PC after updates apply. It would be useful for disabling bitlocker or gracefully shut down a database or such

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. Ability to add other encryption products to track status

    Ability to add Mcafee or other encryption products similar to the current bitlocker status.

    3 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. Define Access with Labels instead of Roles

    It would be nice to be able to define the security within the UI by label instead of by specific pre-determined roles. This would allow me to specify a "Service Desk Write" label which can then be associated with a group in my LDAP structure to which all members would get write access to the service desk, and I could have one for every tab called out in role creation. This would enable dynamic assignment of resources to users so that we are not required have to pre-determine every potential use case, define a role for that use case and…

    4 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  19. Add additional logging for the appliance

    There should be additional logging on the K1000 appliance to audit when kace admins make huge changes to the environment. Ex: Upgrading the Kace appliance to a major version.
    We have about 7 or 8 employees that have admin access in our k1000 appliance and an upgrade was performed and ended up breaking our environment. We tried to figure out who initiated the upgrade by exporting all the logs and were only able to find other information like who uploaded items into the scripting section, who ran a script, etc. But no information on who started an appliance upgrade. This…

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. Dell Updates schedules

    Can you change the standard behavior in schedules whereas, 1) no Device Label is specified and 2) the "All Devices" checkbox is left unchecked, that the schedule will actually deploy to no devices? This is the logical, more intuitive, behavior.

    My thought process usually goes: 0+0=0

    1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1 3 4
  • Don't see your idea?

Feedback and Knowledge Base