Manually Unblocking The Remote Management Service; Remote Operator Identification; Browser Configuration; Session Security - Novell ZENWORKS 10 CONFIGURATION MANAGEMENT SP3 - REMOTE MANAGEMENT REFERENCE 10.3 Management Manual

4.7.2 Manually Unblocking the Remote Management Service

You can manually unblock the Remote Management service from the managed device or from
ZENworks Control Center.
To unblock the Remote Management service from ZENworks Control Center, the remote operator
must have Unblock Remote Management Service rights over the managed device.
1 In ZENworks Control Center, click Devices.
2 Click Servers or Workstations to display the list of managed devices.
3 Select the device to unlock.
4 Click Action, then click Unblock Remote Management.
5 Click OK.
To unblock the Remote Management service from the managed device:
1 Double-click the ZENworks icon in the notification area of the managed device.
2 In the left pane, navigate to the Remote Management, then click Security.
3 Click Enable Accepting Connections if Currently blocked due to Intruder Detection.

4.8 Remote Operator Identification

When a remote operator launches a remote session from ZENworks Control Center, a certificate that
helps the managed device to identify the remote operator is automatically generated. However, if the
remote operator launches the session in a standalone mode, the certificate is not generated and the
remote operator is recorded as An Unknown User in the audit logs, the Visible Signal and the Ask
User Permission dialog box. The Remote Management service retrieves the identity of the remote
operator by using the certificate provided by the management console during the Secure Socket
Layer (SSL) handshake. The SSL handshake happens for all the types of authentication except for
the VNC password authentication.
The Remote Management service on the device displays the details of the remote operator in the
visible signal dialog box, if the Give Visible Signal to the User on the Managed Device option is
enabled in the policy effective on the device. It also logs the information about the remote operator
in the Remote Management Audit logs.

4.9 Browser Configuration

If you use Internet Explorer to launch ZENworks Control Center on Windows Vista devices, then
turn off the protected mode in the security settings of the browser (Tools > Internet Options >
Security) and restart the browser.

4.10 Session Security

ZENworks Configuration Management uses Secure Socket Layer (SSL) to secure remote sessions.
However, the remote sessions launched using the VNC password-based authentication are not
secured. The authentication process happens over a secure channel as the SSL handshake takes place
regardless of whether session encryption is configured in the Remote Management policy or not.
Security 67