ZENworks systems that are enabled for agent-server secure communication allow only authorized devices to register. The available authorization methods are discussed below along with recommendations for each method.
Authorization keys can be entered during ZENworks Agent installation to allow the agent to register to the zone. Best security practices for Authorization keys include:
Use the maximum number of characters (10)
Use mixed case and numbers
Restrict the number of times the key can be used
Specify a short expiry date
For instructions on using Authorization keys, see Registering Devices in the ZENworks Discovery, Deployment, and Retirement Reference.
Devices can be pre-approved for registration. Best security practices for pre-approved devices include:
Select as many device match values as possible
Enable differentiation
Specify a short expiry date
Set the preapproval to expire on registration or on reconciliation
For instructions on using a pre-approved devices list, see Registering Devices in the ZENworks Discovery, Deployment, and Retirement Reference.
When including the ZENworks Agent in an image:
You can create an add-on image with a plain-text Authorization key embedded in it for mass deployments
For stronger security, use pre-approved devices