Announcement: New Knowledge Base

4 June 2020: We are pleased to announce the launch of a new Knowledge Base, Changelogs for Business Security Products, where you can find more details, such as bugfixes or new features, about the most recent releases of our business-related products.

Using Policy Manager with outside clients

Hello everyone!

 

What steps would be needed to use our Client Secuirty package for our outside users (Sales Staff)?  These users are rarely in the presense of the Policy Manager Server (perhaps only 2-3 times a year) but we would still like to know their status and be able to get policy updates to them. 

 

Any advice would be appreciated!

Kyle

Best Answer

  • MJ-perCompMJ-perComp Posts: 1,098
    Accepted Answer

    While from a TCO (total cost of ownership) point of view the best solution would be to switch those users to PSB because it addresses  your problems by design, there is nothing special  to do if they login regularly via VPN.

     

    If you still want to put them on a public address I would recommend to place a separate PMS in the DMZ and have NGINX do additonal protective work as a reverse proxy.

    But as a said a lot of effort for a few clients, better go for PSB on these.

Comments

  • PSB is ideal for this, and we considered it for the whole environment but with 230 endpoints and growing we chose to do on-premise.

     

    On the sales staff, most have their own computer and not a company provided one and they usually get Macs so I am not worried about those clients. Mainly the Manager, and VP of Sales but we can deal with them and hence why I want wanting to so a seperate PSB account for 2-4 users.

     

     

    We will consider the VPN option.

  • etomcatetomcat Posts: 1,312

    Hello,

     

    > they usually get Macs so I am not worried about those clients

     

    Worried not You should be!

     

    https://it.slashdot.org/story/17/02/15/1231201/russian-cyberspies-blamed-for-us-election-hacks-are-now-targeting-macs

     

    Russian Cyberspies Blamed For US Election Hacks Are Now Targeting AppleMacs

     

    Best Regards: Tamas Feher, Hungary.

  • I agree but since they are perosonal and not company owned, I don't have control over them. We have them login to company resources through our Terminal Server, which of course has the Server Security Client on it.

    etomcat
This discussion has been closed.