Garrett Michael Hayes

My feedback

  1. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  SMA (K1000) » Agent  ·  Flag idea as inappropriate…  ·  Admin →
    Garrett Michael Hayes shared this idea  · 
  2. 13 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    4 comments  ·  SMA (K1000) » Security  ·  Flag idea as inappropriate…  ·  Admin →

    We have targetted the KACE Systems Management Appliance (SMA) to be able to run in the DMZ in two phases. In SMA 11.0, you will use a new, KACE designated port to perform all communications through the KACE secure Konea tunnel. In SMA 11.1, you will be allowed to choose your own port.

    An error occurred while saving the comment
    Garrett Michael Hayes commented  · 

    Except we don't WANT the SMA in the DMZ. That's not where it belongs.

    It has to be inside the network so that it can be reached from our internal systems for discovery tasks and they can reach it. We have the reverse proxy server in the DMZ so that travelling devices can still reach the SMA with the agent only.

    You folks REALLY need to sit down with some real world customers and understand the use cases before you make this self-signed cert your direction. It is a BADLY flawed strategy.

    An error occurred while saving the comment
    Garrett Michael Hayes commented  · 

    This is absolutely essential. The Quest implementation adviser even TOLD us that putting the SMA behind a reverse proxy would work.
    Now after months of digging down to the WireShark packet capture level, to find out that the product design doesn't permit it is simply unacceptable.

    Garrett Michael Hayes supported this idea  · 
  3. 1 vote
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    0 comments  ·  SMA (K1000) » Service Desk  ·  Flag idea as inappropriate…  ·  Admin →
    Garrett Michael Hayes shared this idea  · 
  4. 928 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    23 comments  ·  SMA (K1000) » Patch Management  ·  Flag idea as inappropriate…  ·  Admin →
    Garrett Michael Hayes supported this idea  · 
    An error occurred while saving the comment
    Garrett Michael Hayes commented  · 

    Well, let's bump it again here in 2020.

    Here's one possible approach:
    Add a couple of fields to the Patch Schedule: "Allow users to initiate?" and "Labels for Self Initiation"

    Then expose the flagged patch schedules in the user UI. If the agent is online, they get an "Initiate" button for the patch schedule.

  5. 30 votes
    Vote
    Sign in
    (thinking…)
    Sign in with: Facebook Google
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    6 comments  ·  SMA (K1000) » Service Desk  ·  Flag idea as inappropriate…  ·  Admin →
    An error occurred while saving the comment
    Garrett Michael Hayes commented  · 

    This very definitely needs to be added. For the reasons already mentioned, this is an important item to include. Not having this is tied to the idea that techs are always at a desk with immediate access to the portal, and that is simply not true for many organizations.

    If the reason not to implement this is concern about making the notification emails too long, then if not the full summary, then at least a preview, such as the first 10 lines or something. (If the user can't convey the essence of their need in 10 lines, they can wait.)

Feedback and Knowledge Base