Your thoughts would be appreciated. I have been asked to investigate if it is possible to only allow secure access to the ePO console from dedicated and identified terminals. Therefore not everyone with administrator access can RDP into the console from wherever.
Is it reasonable to have an IPSec policy that only responds to requests from an RDSH proxy?
I would assume this question is related to ePO server HBSS.
The component that you should be looking at is the HIPS component. I would suggest you run it in learning mode and try to RDP to it, and then check the ports blocked and applications accessed from your clients and allow them through the tight HIPS component, e.g. firewall rules, application blocking, etc.
You might want to try to look at the ePO manual to check how you would be able to configure it.
Message was edited by: allamiro on 3/21/11 12:08:36 PM CDT
I would say that this, like anything else, could be accomplished multiple ways. Certainly HIPS or IPSec policies could be used to restrict access either from the unauthorized systems, to the ePO console, or both.
It might be helpful to understand why. Are you concerned about someone already on the network identifying the ePO server? Maybe it's about someone trying to brute force an ePO user account? Do you live in a bad part of town and suffer the same paranoia as me?