Appliance administration (Configure base attributes): Secure remote desktop access deployment guide by Symantec Free Trial | Support Virtualization Blog | Webcasts
Remote Desktop Control by BOMGAR Remote Desktop Access Remote Support Solutions Customers Help Desk Support News About Bomgar Contact Bomgar

Bomgar Box™ Secure Deployment Guide

Symantec-Recommended Security Settings

PDF PDF Version (387KB)   Email Email This Item


Appliance Administration

The Appliance Administration Interface is utilized to configure the base attributes for the device. Symantec recommends that the Bomgar Box™ be configured in a test environment before being transitioned into the production environment.

Recommendation Rationale
1. Network Restrictions
Symantec recommends that access to the /appliance functionality be restricted to only a subset of networks by choosing "Allow Only the Following Networks" and then supplying a list of networks. Ideally the list of networks would be composed of networks that house application and network administrators, including any VPN solutions that they may utilize.
If your administrators do not live on a separate network segment, Symantec recommends that the list of networks be composed of your internal network ranges.		 Security best practice is to limit all access to administrative functionality.
2. Allow SSLv2
Symantec recommends that support for SSLv2 be disabled.		 SSL version 2 is generally considered to be a weak cryptographic protocol with numerous avenues of attack.
3. SSL Certificate Request
Symantec recommends that a SSL Certificate Request be performed and signed by a trusted authority. At build time of your software package, your Bomgar support representative can configure your representative and support clients to employ the trusted Certificate Authority to authenticate the appliance.		 Certificates signed by a trusted authority are considered trusted by commonly installed web browsers. With a certificate signed by a trusted authority, web browsers are able to verify that they are talking to the appliance and not to an attacker.
Self-signed certificates do not offer that layer of trust and will prompt a security error in the remote web browsers. Users will not have a way of verifying that they are connecting to the appliance and will have to choose to accept the self-signed certificate.
4. Appliance Administrator Password
Symantec recommends that the Appliance Administrator account and password be different from that of the normal Administrator account.		 Segmentation of accounts limits the effective access if either of the accounts is compromised.
> Introduction
> Security Feature Overview
> Secure Deployment
DMZ
External Network
Internal Network
> Security Settings
Appliance Administration
Security
User Accounts
File Store
Operational Practices
> About Bomgar
> About Symantec
  << Previous | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | Next >>

 

The Adobe® logo is a registered trademark of Adobe Systems Incorporated in the United States and/or other countries.
© 2003-2008 Bomgar Corporation | All Rights Reserved Remote Desktop Access & Control | Remote Support | Remote Access Software for Unattended Systems
Remote Desktop Control by BOMGAR | PrivacyRemote PC Access | Mac Remote Access | Linux Remote Access | Remote Control for Windows Mobile