Security parameters

The parameters in this node define the options for secure agent communication. This includes the way the agents communicate between each other as well as the certificates being used for secure communication. For Windows devices the access to the MyApps Kiosk may also be defined.

Parameter

Description

Access Control

Defines the security when agents communicate with each other, that is, if the Precision Access Control (PAC) handshake is to be used for inter-agent communication:

  • No : as a server, allow PAC connections with client authentication as well as non PAC connections. As client, no PAC connections are required.
  • Securised Send, Receive Both : as server, allow PAC connections with client authentication as well as non PAC connections. As client, only allow PAC connections.
  • Yes : Only allow PAC connections (as server or client).
  • Yes with mutual authentication : Only allow PAC connections (as server or client) with mutual authentication.

Secure Communication

Defines if the agent communicates in secure format. The possible values are:

  • No : The agent accepts both securized and non-securized communication, however it sends only non-securized communications.
  • Securized Send, Receive Both : The agent accepts both securized and non-securized communication, however it sends only securized communications.
  • Yes : The agent only communicates in secure mode, that is, it only receives and sends securized communication.
  • Yes with mutual authentication : The agents communicate in secure mode and in addition authenticate each other via SSL.

Authority Certificate

Defines the name of the certificate authority which is currently configured.

Trusted Authorities

Defines the list of names of the trusted authorities configured which the local agent may trust for communication.

User Certificate

The integration defined final certificate to be used for the server role. It expects a certificate name (without extension) registered in the Agent certificate store (integration section), for example, Numara, enterprise, starfleet .

Integration Certificate

Defines the list of names of the trusted authorities configured which the local agent may trust for communication.

Current Integration Certificate

The currently used integration defined final certificate for the server role. This is a certificate name (without extension) registered in the Agent certificate store (integration section), for example, Numara, enterprise, starfleet .

Block Navigation from Agent User Interface

Check this box if the agent user interface is to be run in the browser's kiosk mode (fullscreen without menus or naviation bar). The installation of an add-on may be necessary to be able to use this mode (for example, with Firefox).

Strict Agent User Interface Authentication

Indicate ifthe user can apply operational rules assigned to the device without explicit authentication. If the strict authentication mode is disabled the user is able to execute operational rules locally without authentication. Enabling this parameter forces user authentication for all cases. This parameter is ignored for rules that are assigned to users.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*