Chat now with support
Chat with Support

KACE Systems Management Appliance 9.1 Common Documents - Administrator Guide

About the KACE Systems Management Appliance (SMA) Getting started
Configuring the appliance
Requirements and specifications Power-on the appliance and log in to the Administrator Console Access the Command Line Console Tracking configuration changes Configuring System-level and Admin-level General Settings Configure appliance date and time settings Enable Two-Factor Authentication for all users Verifying port settings, NTP service, and website access Configuring network and security settings Configuring Agent settings Configuring session timeout and auto-refresh settings Configuring locale settings Configuring the default theme Configure data sharing preferences About DIACAP compliance requirements Configuring Mobile Device Access Enable fast switching for organizations and linked appliances Linking Quest KACE appliances Configuring history settings
Setting up and using labels to manage groups of items Configuring user accounts, LDAP authentication, and SSO Using Replication Shares Managing credentials Configuring assets
About the Asset Management component Using the Asset Management Dashboard About managing assets Adding and customizing Asset Types and maintaining asset information Managing Software assets Managing physical and logical assets Maintaining and using manual asset information Managing locations Managing contracts Managing licenses Managing purchase records
Setting up License Compliance Managing License Compliance Setting up Service Desk Configure the Cache Lifetime for Service Desk widgets Creating and managing organizations Importing and exporting appliance resources
Managing inventory
Using the Inventory Dashboard Using Device Discovery Managing device inventory
About managing devices Features available for each device management method About inventory information Tracking changes to inventory settings Managing inventory information Finding and managing devices Provisioning the KACE SMA Agent Manually deploying the KACE SMA Agent Using Agentless management Adding devices manually in the Administrator Console or by using the API Forcing inventory updates Managing MIA devices Obtaining Dell warranty information
Managing applications on the Software page Managing Software Catalog inventory
About the Software Catalog Viewing Software Catalog information Adding applications to the Software Catalog Managing License assets for Software Catalog applications Associate Managed Installations with Cataloged Software Using software metering Using Application Control Update or reinstall the Software Catalog
Managing process, startup program, and service inventory Writing custom inventory rules
Deploying packages to managed devices
Distributing software and using Wake-on-LAN Broadcasting alerts to managed devices Running scripts on managed devices Managing Mac profiles Using Task Chains
Patching devices and maintaining security
About patch management Subscribing to and downloading patches Creating and managing patch schedules Managing patch inventory Managing Dell devices and updates Maintaining device and appliance security
Using reports and scheduling notifications Monitoring servers
Getting started with server monitoring Working with monitoring profiles Managing monitoring for devices Working with alerts
Using the Service Desk
Configuring Service Desk Using the Service Desk Dashboard Managing Service Desk tickets, processes, and reports
Overview of Service Desk ticket lifecycle Creating tickets from the Administrator Console and User Console Creating and managing tickets by email Viewing tickets and managing comments, work, and attachments Merging tickets Using the ticket escalation process Using Service Desk processes Using Ticket Rules Run Service Desk reports Archiving, restoring, and deleting tickets Managing ticket deletion
Managing Service Desk ticket queues About User Downloads and Knowledge Base articles Customizing Service Desk ticket settings Configuring SMTP email servers
Maintenance and troubleshooting
Maintaining the appliance Troubleshooting the KACE SMA
Appendixes Glossary About us Legal notices

Verifying port settings, NTP service, and website access

Verifying port settings, NTP service, and website access

Port settings, NTP service, and website access must be configured correctly to enable features such as Agent communications, Software Catalog updates, and patch downloads.

Verify port settings

Verify port settings

Appliance ports must be configured correctly to enable device management and database or file access.

Port

Use

Direction

20 and 21

(Optional and not recommended) Used to access backup files on the appliance through FTP from outside the firewall.

Inbound to the appliance

22

(Recommended) Used to create an SSH tunnel to quest.com.

Outbound from the appliance

25

(Optional) Used by the appliance SMTP server for email (non-SSL). This is required only if you configure SMTP email. See Configuring SMTP email servers.

Outbound from the appliance

80

(Required unless SSL is enabled) Used for standard HTTP (web) access to the Administrator Console and User Console.

Inbound to the appliance

110

(Optional) Used for POP3 email (non-SSL)

Inbound to the appliance

161

(Optional) Used for SNMP monitoring. See Discovering devices on your network.

Outbound from the appliance

443

(Required) Used for SSL access. Devices use this port when they check in to the appliance using HTTPS.

Inbound to the appliance

587

(Optional) Used by the appliance SMTP server for secure email (SSL enabled). This is required only if you configure secure SMTP email. See Configuring SMTP email servers.

Outbound from the appliance

995

(Optional) Used for POP3 email (SSL enabled).

Inbound to the appliance

3306

(Optional) Used to access the appliance database with external tools. For example, this port is used to run reports on the KACE SMA database using Microsoft Access® or Excel®.

Inbound to the appliance

52230

(Required) Used for AMP (Agent Messaging Protocol) communications. The appliance listens on this port for communications from devices on which the KACE SMA Agent is installed.

Inbound to the appliance

Port

Use

7

(Optional) Used by the appliance for UDP traffic on the network, which is used for Wake-on-LAN. See Using Wake-on-LAN.

139

(Optional) Used during KACE SMA Agent provisioning on Windows devices.

161

(Optional) Used for SNMP monitoring. This port should be open and bound to SNMP. See Discovering devices on your network.

445

(Optional) Used during KACE SMA Agent provisioning. See Provisioning the KACE SMA Agent.

Port

Use

389

(Optional) Used for LDAP access.

636

(Optional) Used for secure LDAP access.

Verifying the status of the NTP service

Verifying the status of the NTP service

When downloading patches using HTTPS, the NTP (Network Time Protocol) service must be running on the KACE SMA. The NTP service is required because the secure protocol uses the current date stamps from the appliance to ensure certificate validity.

If the NTP service is not running, patch download failures, suggesting invalid certificates, might result.

Make necessary websites accessible to the KACE SMA

Make necessary websites accessible to the KACE SMA

To complete patch downloads, access product information, and interact with Quest Support, firewall, DNS server, and proxy server settings must allow the KACE SMA to access domains on both port 80 and port 443.

Ensure that the KACE SMA Administrator Console has links to the following websites:

Website

Description

https://twitter.com/quest

Twitter®

https://www.facebook.com/questsoftware

Facebook®

http://linkedin.com/

LinkedIn®

http://my.kace.com/inKpadsubscriptioncenter

Quest KACE Inkpad

https://www.quest.com/community/b/en/p/endpoint-management

Quest KACE blog

https://kace.uservoice.com/forums/82699-k1000

Quest KACE Uservoice

Related Documents