Scenario: Connecting out-of-office devices through a secondary Administration Server in DMZ

If you want to connect managed devices that are located outside of the main network to Administration Server, you can do it by using a secondary Administration Server located in the demilitarized zone (DMZ).

Prerequisites

Before you start, make sure that you have done the following:

Stages

This scenario proceeds in stages:

  1. Selecting a client device in the DMZ

    In the DMZ, select a client device that will be used as a secondary Administration Server.

  2. Installing Kaspersky Security Center Administration Server

    Install Kaspersky Security Center Administration Server on this client device.

  3. Creating a hierarchy of Administration Servers

    If you place a secondary Administration Server in the DMZ, the secondary Administration Server must receive a connection from the primary Administration Server. To do this, add a new Administration Server as secondary so that the primary Administration Server connects to the secondary Administration Server through port 13000. When combining two Administration Servers into a hierarchy, make sure that port 13291 is accessible on both Administration Servers. Administration Console connects to an Administration Server through port 13291.

  4. Connecting out-of-office managed devices to the secondary Administration Server

    You can connect out-of-office devices to the Administration Server in the DMZ in the same way that the connection is established between Administration Server and managed devices that are located in the main network. Out-of-office managed devices initiate the connection through port 13000.

Page top