Versions Compared

Version Old Version 3 New Version Current
Changes made by

Michael MacDonald

George Moore

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3
Attachments

Overview

The LANDesk Cloud Services Appliance (formerly called the LANDesk Gateway Appliance) is a hardware appliance installed the TAB Data Center that allows clients off campus to communicate back to the LANDesk Core Server without using VPN.Key Features 


Gathers hardware and software inventory from up to 4,000 active connections simultaneously
Performs on-demand remote control
Monitors software licenses
Accesses policy-based software distribution
Performs patch management
Executes anti-spyware management
Carries out antivirus enforcement and management
Manages security threats
Blocks applications
Enables bidirectional management traffic for:
Inventory and software license monitoring
Software distribution and application policy
Vulnerability detection
Configuration security maintenance and patch management
 
 
Security
Uses certificate-based authentication and SSL encryption over any existing Internet connection to let you securely manage users anytime, anywhere
Sends all data with SSL encoding
Allows clients to access the core server only in order to maintain the security of the corporate firewall
Secure Architecture
Features a hardened Linux kernel
Includes certificate-based authentication
Offers a dual-SSL session architecture
Includes a system file integrity scanner
Features a built-in firewall, so you don’t need to make changes to the corporate firewall
Includes logging capabilities
Configuration security maintenance and patch management Image RemovedThis enables IT groups to collect inventory data, install software, and patch security issues while computers are off campus.

Limitations

Due to the design of the Management Gateway the Core Server doesn’t have the ability to contact any clients connecting through the Gateway. The core more or less responds to requests. This design limits how you can distribute software packages and patches through the Gateway and results in a few requirements in order to make the process work. The following is a list of guidelines to follow for all scheduled tasks for a Management Gateway Client:

  1. All tasks are required to have a distribution type of policy so a push will not work. If anything is needed from the client it must take the form of a policy so the client will check-in with the core and receive the request. For example: If an inventory scan (outside of the regular scan) is needed then it needs to be scripted in a custom script.
  2. All software distribution packages and patches must reside on the core server. The Management Gateway bridges an SSL Tunnel between the client and core server. This tunnel enables the client to communicate with the core but ONLY the core.
  3. All software distribution packages and patches need to be shared via a Web Share. Also due to design a client will not be able to download files from the core on anything other than a Web Share.
  4. Broker Certificates on the client are required. See previous section.

  Image Added

Resources

Additional information is available on Landesk's website: http://community.landesk.com/support/community/systems/cloudservices