Security Recommendations | ManageEngine Remote Access Plus

Security Hardening Tips and Recommendations

This document will help you harden the security in Remote Access Plus.

Update the Latest Security Patches

Remote Access Plus immediately releases the security patches for identified security issues. Follow this Security Updates Group to stay updated with the latest security patches.

Enable Secure Log-in

To enable secure log-in, go to the Admin tab and under Security and Privacy, click on Security Settings.

Under Secure User Access, perform the following steps:

Configure Two Factor Authentication
Enable Secure Communication (HTTPS) for Central Server
Disable the default admin account

Under Agent Security Settings, perform the following steps:

Restrict end-users from stopping agent service
Restrict end-users from uninstalling the agent and distribution server
Enable trust-based agent approval.

Use Third Party Trusted Certificates

It is recommended to configure Remote Access Plus with a trusted third party certificate to ensure secured connections between the network computers and the server. However, for secure communication using HTTPS, a default self-signed certificate will be provided along with the server.

Enable Secure Agent Server Communication

To enable secure agent server communication, go to the Admin tab and click on Security Settings, and under Secure agent server communication, perform the following steps:

Enable secure communication for agents
Enable secure remote control and file transfer operations