KACE SMA Agent with SSL/TLS Interception and Inspection
The KACE SMA Agent uses an encrypted TLS session to validate the integrity of the connection it makes to the KACE Systems Management Appliance. This trusted connection is established the first time the agent connects to the Systems Management Appliance and ensures that all subsequent connections are being made to the same system. This allows the agent to prevent man-in-the-middle attacks and unintended connections to a Systems Management Appliance that it is not being managed by. Many firewalls, network gateways or load balancers perform SSL/TLS inspection and interception of network traffic to decrypt and inspect raw traffic. When devices such as these are placed between the KACE SMA Agent and the KACE Systems Management Appliance the agent interprets the certificate manipulation they perform as a man-in-the-middle attack and does not trust the connection as a result. This behavior is by design.
Sign In Required
You need to be signed in and under a current maintenance contract to view premium knowledge articles.