This document will explain you the steps involved in securing the communication of agents/distribution servers with the Server using Secure Gateway component. Secure Gateway can be used when server is contacted by the DS/agent through internet. It prevents the exposure of Desktop Central MSP Server directly to the internet by serving as an intermediate server between the Desktop Central MSP server and customer agents. This ensures that the Desktop Central MSP Server is secure from risks and threats of vulnerable attacks.
Desktop Central MSP Secure Gateway is a component that will be exposed to the internet. This Secure Gateway acts as an intermediate server between the managed customer agents and the Desktop Central MSP server. All communications to the server will be navigated through the Secure Gateway. When the agent tries to contact the Desktop Central MSP server, Secure Gateway receives all the communications and redirects to the Desktop Central MSP Server.
Note: Map your Secure Gateway's public IP adress and Desktop Central MSP server's private IP address to a common FQDN in your respective DNS. For example, if your FQDN is "product.server.com", map this to both your Secure Gateway and Desktop Central MSP server IP address. By this mapping, the WAN agents/DS will access Desktop Central MSP server via Secure Gateway (using internet).
The hardware requirements for secure gateway server include the following :
Processor : Intel Core i5(4 core/8 thread) 2.3 GHz. 6 MB cache
RAM size : 4 GB
To introduce Secure Gateway based communication to Desktop Central MSP, follow the steps given below:
Ensure that you follow the steps given below
|8041||HTTPS||For communication between the WAN agent/Distribution Server and the Desktop Central MSP server using Desktop Central MSP Secure Gateway||Inbound to Server|
|8057||TCP||To perform on-demand operations and to check the live status of agent||Inbound to Server|
|8047||HTTPS||Web socket port used for remote control, chat, system manager etc||Inbound to Server|
|8053||FTP||Used during File transfer in remote control||Inbound to Server|
You have now secured agent server communication using Desktop Central MSP Secure Gateway Server.