Kaseya’s Enterprise Class Security allows companies to securely take charge of their infrastructure and transparently and remotely manage servers, desktops, mobile devices (notebooks and hand-helds), home-based desktops and embedded systems all from a central management console. The solution is ideal for growing and distributed businesses around the globe that want to streamline systems management and automate IT operations.
Kaseya Agent
The Kaseya architecture is central to providing maximum security. Each managed system has a light-weight agent installed that initiates all communications back to the server. Since the agent will not accept any inbound connections, it is impossible for a third-party application to attack the agent from the network.
Firewalls
Kaseya does not need any input ports opened on client machines, this lets the agent do its job in any network configuration without introducing susceptibility to inbound port probes or new network attacks.
Encryption
Kaseya protects against man-in –the middle attacks by encrypting all communications between the agent and server with 256-bit RC4 using a key that rolls every time the server tasks the agent (typically at least once per day). Since there are no plain-text data packets passing over the network, there is nothing available for an attacker to exploit.
Secure Access
Administrators access the Kaseya server through a Web interface after a secure logon process, the system never sends passwords over the network and never stores them in the database. Only each administrator knows his or her password. The client side combines the password with a random session, and hashes it with SHA-1. The server side tests this result to grant access or not. This unique random challenge protects against a man-in-the middle attack sniffing the network, capturing the random bits and using them later to access the Kaseya Server
Web Access
The Web site itself is protected by Kaseya’s patch management features. The Kaseya patch scan is run on the Kaseya server every day. As soon as new patches are released, Kaseya automatically detects new patches and applies them automatically. Finally, for maximum Web security, the Kaseya server Web pages fully support operating as an SSL web site.