I'm consulting for a company that uses ManageEngine's Endpoint Central to manage their computers and deploy updates. Right now, it's only accessible on-premises, but they're interested in using the Secure Gateway Server feature to manage devices remotely without a VPN connection. Has anyone had experience with this feature? I'm particularly concerned about its security, given that it relies on certificate-based authentication and could potentially expose internal systems. Are there better strategies to securely manage remote endpoints?
2 Answers
From what I've seen, the Secure Gateway Server (SGS) should be pretty secure if set up correctly. I worked on a similar setup and placed the gateway in a DMZ with firewall rules limiting it to communicate only with the central server. This way, you can keep the network more secure while still allowing access. Just make sure your endpoint security measures are up to par!
If remote management is your primary goal, then the Secure Gateway could work. However, if security is a bigger concern, consider using MyWorkDrive instead. It focuses on secure access, exposing only file access rather than providing complete management control. This approach minimizes risks by enforcing strict access privileges.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures