How to secure communication between WAN agents and Endpoint Central Server?

Description

This document explains the steps involved in securing communication between the Endpoint Central server and the WAN agents installed in remote locations.

Recommendation 

Follow the steps below:

  1. Configure the Endpoint Central server so that it is reachable via a public IP address or FQDN. You can also configure the edge device/router so that all requests sent to the public IP address or FQDN are redirected to the Endpoint Central server.
  2. Ensure that the Endpoint Central server has permission to reach/access Active Directory, if applicable.
  3. It is always recommended to use HTTPS mode for agent-server communication.
  4. It is recommended to secure communication for Remote Control (Tools -> Remote Control -> Settings).
  5. Ensure that the following ports are open on the firewall, based on the features that you use.

    | Port | Type | Purpose | Connection |
    |------|------|---------|------------|
    | 8027 | TCP | To complete on-demand tasks like inventory scanning, patch scanning, remote control, remote shutdown and moving agents from one remote office to another | Inbound to Server |
    | 8022 | HTTP | To enable Chat and System Manager | Inbound to Server |
    | 8383 | HTTPS | For communication between the agent or distribution server and the Endpoint Central server | Inbound to Server |
    | 8443 | HTTPS | For Sharing Remote Desktops | Inbound to Server |

You have now secured communication between the Endpoint Central server and the WAN agents.
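
To confirm the result from a remote office network, the following Python script (an added example, not ManageEngine code) tests each port listed above and, for the two HTTPS ports, completes a TLS handshake with certificate and hostname verification. The host name ec.example.com is a placeholder, and the function names are this example's own.

```python
import socket
import ssl

# Inbound ports from the table above: port -> (type, expect a TLS listener)
PORTS = {
    8027: ("TCP", False),
    8022: ("HTTP", False),
    8383: ("HTTPS", True),
    8443: ("HTTPS", True),
}

def tcp_open(host, port, timeout=3.0):
    """Return True if a TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def tls_status(host, port, timeout=3.0, cafile=None):
    """Handshake with certificate and hostname verification.
    Returns (ok, detail): the negotiated TLS version or the failure reason."""
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return True, tls.version()
    except ssl.SSLCertVerificationError as e:
        return False, "certificate rejected: " + e.verify_message
    except (ssl.SSLError, OSError) as e:
        return False, "handshake failed: " + str(e)

def check_server(host, ports=PORTS, timeout=3.0, cafile=None):
    """Return {port: (ok, detail)} for every port in the table."""
    results = {}
    for port, (kind, expect_tls) in ports.items():
        if not tcp_open(host, port, timeout):
            results[port] = (False, "closed or filtered")
        elif expect_tls:
            results[port] = tls_status(host, port, timeout, cafile)
        else:
            results[port] = (True, kind + " port reachable")
    return results

if __name__ == "__main__":
    import sys
    host = sys.argv[1] if len(sys.argv) > 1 else "ec.example.com"  # placeholder FQDN
    for port, (ok, detail) in sorted(check_server(host).items()):
        print(f"{port}: {'OK  ' if ok else 'FAIL'} {detail}")
```

Pass cafile to check_server when the server certificate is issued by an internal CA; a "handshake failed" result on 8383 or 8443 indicates the port is not answering with TLS.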