How to secure communication between WAN agents and Desktop Central Server?

Description

This document will explain you the steps involved in securing the communication between the Desktop Central server and WAN agents which are installed in various remote locations. 

Recommendation 

You will have to follow the steps mentioned below:

  1. Configure Desktop Central server in such a way, that it should be reachable via public IP/FQDN address. You can also configure the Edge Device/Router in such a way that all the request that are sent to the Public IP/FQDN address gets redirected to the Desktop Central Server.
  2. Ensure that the Desktop Central server has permission to reach/access the Active Directory if applicable.
  3. It is always recommended to use HTTPs mode for agent server communication
  4. It is recommended to secure communication for Remote Control (Tools -> Remote Control -> Settings)
  5. You will have to ensure that the following ports are open on the firewall based on the features that you use.

    Port Type Purpose Connection
    8027 TCP To complete on-demand tasks like inventory scanning, patch scanning, remote control, remote shutdown and moving agents from one remote office to another Inbound to Server
    8022 HTTP To enable Chat and System Manager Inbound to Server
    8383 HTTPS For communication between the agent or distribution server and the Desktop Central server Inbound to Server
    8443 HTTPS For Sharing Remote Desktops Inbound to Server
    8031 HTTPS For transferring files Inbound to Server

You have now secured communication between the Desktop Central server and the WAN agents.