Best Practices for Securing your SMA (4209518)

The KACE SMA Systems Management Appliance is an easy-to-use, comprehensive and affordable solution for systems management. The offering tightly integrates services needed to discover, inventory, assess and manage the systems in your computing environment.

A great deal of care has gone into designing the appliance to assist in keeping your computing environment secure. Administrators, users and endpoint agents communicate with the appliance using web interfaces. All web communications are encrypted when SSL has been configured. Users can be authenticated to the SMA using your existing directory services, and can be authorized to perform only certain functions based on their assigned role. Extensive auditing features are provided to enable administrative actions to be independently tracked.

In addition, the underlying operating system and associated services of the appliance have been hardened to eliminate potential security vulnerabilities and minimize risk. KACE Quality Assurance processes continuously evaluate potential vulnerabilities in the software used to deliver SMA functionality and provide resolutions to identified vulnerabilities as part of periodic updates to the appliance.

Several deployment options exist to accommodate the needs of your computing environment and user community, each with security implications to consider. This technical brief provides recommendations for those deployment choices, as well as alternatives that might better suit your needs. We recognize that there may be additional implementation choices for your environment that are not discussed in this paper. We recommend you follow best practice as mentioned in this document as a guideline, independent of the options you select. A review of your implementation plan with KACE is always welcome.