サポートと今すぐチャット
サポートとのチャット

KACE Systems Deployment Appliance 9.1 Common Documents - Administrator Guide

About the KACE Systems Deployment Appliance Getting started Using the Dashboard Configuring the appliance Setting up user accounts and user authentication Configuring security settings Preparing for deployment Managing device inventory Using labels Creating a Windows or Linux Boot Environment Managing drivers Capturing images Capturing user states Creating scripted installations Creating a task sequence Automating deployments Performing manual deployments Managing custom deployments Managing offline deployments About the Remote Site Appliance Importing and exporting appliance components Managing disk space Troubleshooting appliance issues Updating appliance software Glossary About us Legal notices

Enable SSH Root Login (KACE Support)

Enable SSH Root Login (KACE Support)

Enabling SSH provides remote access to the Quest KACE Support team. Quest KACE recommends enabling SSH before you begin to use the appliance. SSH remote access is the only method that the Support team can use to diagnose and fix problems if the appliance becomes unresponsive.

1.
On the left navigation pane, click Settings > Control Panel to display the Control Panel, then click Security to display the Security Settings page.
2.
Select the Allow SSH Root Login (KACE Support) check box.
3.
Click Save.

Prevent brute-force login attacks

Prevent brute-force login attacks

You can configure the appliance to prevent multiple consecutive attacks from obtaining appliance credentials.

The Brute Force Detection settings on the Security Settings page allow you to configure the number of failed authentication attempts within a specified time frame, after which the appliance prevents any logins for that user name.

1.
On the left navigation pane, click Settings > Control Panel to display the Control Panel, then click Security to display the Security Settings page.
2.
On the Security Settings page, under Brute Force Detection, specify the following:
3.
Click Save.

Enable Two-Factor Authentication

Enable Two-Factor Authentication

Two-Factor Authentication (2FA) provides stronger security for users logging into the appliance by adding an extra step to the login process. It relies on the authenticator app to generate verification codes. The app generates a new six-digit code at regular intervals. When administrators enable 2FA on the appliance, applicable end users are prompted for a verification code each time they log in.

Start by installing the authenticator app on your mobile Android or iOS device. You can download the app from Google Play and Apple App Store.

Only users with Admin-level permissions have the ability to enable 2FA. Read-only administrators cannot manage this feature.

NOTE: Using the reset_admin_password command to reset the administrator's password also resets the 2FA token. For more information about this command, see Use the Command Line Console to reset the Administrator's password.
1.
On the left navigation pane, click Settings > Control Panel to display the Control Panel, then click Security to display the Security Settings page.
2.
On the Security Settings page, under Two-Factor Authentication, select Enable Two-Factor Authentication.
3.
Click Save.
4.
Complete the 2FA configuration on the Configure Two-Factor Authentication page that appears.
d.
In the Verification Code field, type the 6-digit code from the authenticator app.
e.
Click Finish Configuration.
The Configure Two-Factor Authentication page closes and the Dashboard appears, indicating that you are now logged in to the appliance with the newly configured 2FA credentials.
a.
On the left navigation pane, click Settings > Control Panel to display the Control Panel, then click Security to display the Security Settings page.
b.
When you enable 2FA on the appliance, only those users who have 2FA enabled can log in using this additional layer of security. To enforce 2FA for all users logging into the appliance, under Two-Factor Authentication, select Require Two-Factor Authentication for all users. This option overrides the 2FA configuration associated with individual user accounts. For more information, see Add or edit local administrator accounts.
c.
To specify the length of time during which users who require 2FA can bypass 2FA authentication, under Transition Window, specify the desired time period. This way, for example, if a user leaves their phone at home and cannot generate a new code, they can still access the appliance during the specified amount of time.
6.
Click Save.

Preparing for deployment

Appliance deployments require that you have 20 percent disk space. You can download and install the tools required to build the boot environment, upload the operating system installation source media, and enable the appliance to connect to target devices.

関連ドキュメント

The document was helpful.

評価を選択

I easily found the information I needed.

評価を選択