SMA (K1000)

Please tell us how you’d like to see the Systems Management Appliance product improved!

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Granting Permissions

    Current permissions on the adminui side are too simplistic, they give too much control. I have helpdesk staff that need the ability to launch Scripts, manage Computer Inventory, and add/edit things in Assets. We are a smaller IT shop, which is the reason our staff has more than tickets to do.

    I'll use the Assets tab as an example. I need the ability to give some users the ability to Create and Edit in some Assets, but not have the ability to Delete. Some other Assets I don't want them to have anything other than Read. Some other users I…

    109 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  2. Dynamic LDAP lookups to assign users to roles

    Currently, when a user is created (either on import, or when they log in), the role they have at that time is assigned to their account, even if the underlying database (e.g. Active Directory) changes. For example, say you've set up the K1000 so that all members of a particular AD security group are admins of the K1000, and all members of another AD security group are K1000 users. If you change a user's AD security group so that they're not in the admin group any longer, that change won't ever take effect on the K1000 and thus the user…

    92 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add Application Whitelisting

    Add Application whitelisting, this is a type of endpoint protection where, by default, all applications are blacklisted and only known good applications are allowed.

    These Known-good applications are kept in a list, KACE seems to have a fairly extensive list of application and signatures which could possibly be leveraged for this purpose.

    Lumention offers this service as part of their suite of endpoint management which competes with KACE. I would like to see this added to KACE;

    86 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    1 comment  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    This is under consideration but not planned for the next release, Please continue voting if you’d like to see this feature prioritized for a future release.

  4. Free SSL certificates from Let's Encrypt

    Add the ability to get a free SSL certificates from Let's Encrypt (www.letsencrypt.org) and have it auto-renew with their client.

    You are able to use their certificates without the client but they expire after 90 days making them hard to manage in the long term.

    74 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  5. Upgrade to Windows 10 via K1000

    What will be the plan for upgrading Windows 7 & 8 computers through K1000? We have Windows Update set to be handled via K1000, so users cannot use Windows Update, nor would we want to manually sign each computer up to have the option to upgrade to Windows 10 when it releases.

    An option to have the K1000 do this for us would be great and save people a lot of time.

    71 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    8 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  6. Ubuntu Encryption Reporting

    Drive Encryption reports no data available on Ubuntu systems. Reporting needs to be added similar to how Kace reports BitLocker and/or FileVault.

    49 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  7. Limit access to report categories and asset types by role or user label

    I would like to limit access to report categories and asset types by role or user label. For example, we have a vehicle maintenance queue. We have vehicles as assets and we have reports for those vehicles. My vehicle maintenance guy doesn't need be able to see and modify the IT assets or reports, he just needs to see and modify his vehicle assets. Also, he doesn't need to be able to see the IT reports, just reports for his vehicles.

    38 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  8. Kace needs to support Secure LDAP for Users running AD and internal CAs.

    Kace needs to provide better support for secure LDAP connections. The most common Active Directory environment running Secure LDAP is running an internal CA.The K1000 does not support using an internally signed certificate. That means that if we want to use LDAP for authentication we have to use unencrypted LDAP. Unencrypted passwords should be a serious concern to Dell.

    24 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  9. SSL settings should allow requesting SAN certificates (Subject Alternative Names)

    In the CSR request process a feature should be added to allow SAN certificates. This would help clients access the K1000 with a variety of internal and external host names without certificate errors.

    23 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  5 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  10. Desktop alerts (colors, position, sectional areas)

    We are currently using other software to notify our users of issues going on (network down, websites down, security info, application issues, threat levels, etc.) We would like to be able to change the colors of the alerts window, change the size of the alert window, and be able to re-position the alert window. Also section off the who, what, where, when, contact info, etc in the alert window. If some of these capabilities could be added to the alert window that would help us with using KACE as a one stop shop for our admins and users.

    22 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    3 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  11. Automate Software Threat Level Settings

    Software Threat Level settings are auto set. For example, like AppDeploy, users can submit software ratings and it will be applied to one's software inventory.

    20 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  12. reverse proxy

    Supporting a reverse proxy setup or providing guidance on how to set up a reverse proxy for the K1000 would be very beneficial for added security. The setup would be something like this:

    K1000 appliance on the internal network behind a firewall
    A reverse proxy on the DMZ (e.g. IIS 8 with ARR)

    Currently trying to set this up is a huge headache and I'm running into all sorts of issues and problems. It would be better from a security standpoint if the K1000 sat behind a reverse proxy.

    A specific use case would be when an organization has an…

    19 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →

    We are excited to announce that version 11.0 of the KACE Systems Management Appliance (SMA) is almost ready for the Beta/Release Candidate program. This release will contain the feature you requested. If you are interested in participating in the Beta/Release Candidate program, please send an email to the Beta Team with “DMZ” in the subject to:

    KACE_BETA@quest.com
  13. secure ldap

    I would be good if the k1000 would not auto accept certificates for secure ldap from active directory - customer would like to get a way to create self sinned certificate forms for secure ldap , like the same thing you when you want to hook an ssl certificate to the k1000

    16 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  14. Drive encryption compliance reporting at system level when ORGs are enabled.

    When ORGs are enabled, we need to be able to report drive encryption compliance at the system level for all devices within all ORGs.

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  15. Import custom trusted root CA

    Being able to import your own trusted CA would be a nice feature going forward. This would allow decrypting all egress network traffic from K1000 to internet without issues.

    At the moment patch downloading fails due to SSL errors when you forward the traffic through SSL decryption proxy. Other issues also occur in the normal functionality.

    Without this feature it is not possible to decrypt the CDN traffic of KACE. When it comes to decrypting network packets, CDN traffic has the highest priority. This feature would also allow enterprises to fully deploy their Layer 7 inspection features and would that…

    15 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  16. Granular access control in regards to which scripts can be run and how

    I would love to give my help desk direct access to our kbox in a limited fashion. I would need to limit the specific scripts that they can run, and possibly the number of machines they can run the script on at once.
    It would be absolutely horrible if someone were to reboot all 14,000+ agents we have at the same time.

    13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    under review  ·  2 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  17. implement AWS compatibility

    We would like to implement the compatibility with AWS EC2

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  18. System level LDAP Authentication

    System level LDAP Authentication, and Roles.
    Allow the same mechanism used at the Org level for Authentication and Role assignment at the System level

    9 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  19. Allow other roles to add and/or manage credentials

    Currently, the 'Credentials' section of Settings is only "editable" for users in the Administrator role. It would be much more flexible to allow users in other roles to edit (or at least add new) credentials.

    If someone is given rights to add new scripts, we would commonly want to also give them rights to use custom credentials for that script.

    7 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
  20. Add Support for SCAP and OVAL on linux Systems.

    Support existing requests for SCAP and OVAL on linux.
    ESMEA-319: SCAP Support for Linux and
    ESMEA-406: Oval Support for Linux OSes

    6 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  Security  ·  Flag idea as inappropriate…  ·  Admin →
← Previous 1
  • Don't see your idea?

Feedback and Knowledge Base