How can we improve the SMA (K1000)?

reverse proxy

Supporting a reverse proxy setup or providing guidance on how to set up a reverse proxy for the K1000 would be very beneficial for added security. The setup would be something like this:

K1000 appliance on the internal network behind a firewall
A reverse proxy on the DMZ (e.g. IIS 8 with ARR)

Currently trying to set this up is a huge headache and I'm running into all sorts of issues and problems. It would be better from a security standpoint if the K1000 sat behind a reverse proxy.

A specific use case would be when an organization has an outsourced helpdesk organization and those folks have to access the ticketing functions of KACE without giving them VPN access.

9 votes
Vote
Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)
You have left! (?) (thinking…)
PTLA_IT shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

1 comment

Sign in
(thinking…)
Sign in with: Facebook Google
Signed in as (Sign out)
Submitting...
  • HG commented  ·   ·  Flag as inappropriate

    Very useful for road warriors as well, allowing them to checkin and get updates etc while outside the network.
    The new "konea" agent connectivity prevents reverse proxy from working altogether (the client makes an https request to the server with the hostname "konea", and doesnt trust your CA even if you add that name to your cert)

Feedback and Knowledge Base