1.16 Managing devices used outside the company

There are two ways to manage computers used outside the company with JP1/IT Desktop Management 2: by connecting computers with the management server via VPN or by connecting computers with a higher system via the Internet gateway.

This section describes how to manage the connection of computers to a higher system via the Internet gateway. This section also describes how to manage the expiration date of the server certificate set on the Internet gateway server.

Tip: To connect computers to the management server via VPN, you have to specify VPN connection settings on the managed computers. For details, see 1.15 Configuring a VPN connection of a PC for use outside the company.

To connect computers with a higher system via the Internet gateway:

Install an agent on a managed computer. For details, see (2) Installing agents on computers.
In the Agent Configurations view of the Settings module, under Basic settings, select the Perform HTTPS communication with the higher system via the Internet Gateway check box.
Under Perform HTTPS communication with the higher system via the Internet Gateway in Basic settings, set the host name and port number of the Internet gateway server in Internet Gateway.
Change Communication Settings - Communication Error Settings - Timing to Assume that a Communication Error Occurred - Assume that a communication error occurred if no response is received from communication software within the specified period setting from 5 minutes to 30 minutes.

When collecting files with large capacity exceeding 1 GB with the remote collection function, set the value to 120 minutes. If the setting value is increased, when there is no response from the server due to a temporary failure such as communication failure or server failure, it takes time until it is assumed as an error, so the time to the next polling will be longer.

Tip: To set Internet gateway connection authentication, in the Agent Configurations view of the Settings module, under Basic settings, in Internet Gateway Communication Settings, select the Authenticate the User check box. For User ID and Password, specify the user name and password for basic authentication that you have set for Default Web Site in Microsoft Internet Information Services on the Internet gateway server.

Tip

If a computer used outside the company needs to go through a proxy server in order to communicate with the Internet gateway, set information regarding the proxy server to be used by selecting the Use Proxy Server check box (which is displayed in the Agent Configurations view of the Settings module, under Basic settings, in Internet Gateway Communication Settings).

Furthermore, during agent setup, you can select whether to use a value set with the management server or the one set with the client.

To manage the expiration date of the server certificate for the Internet gateway server:

The server certificate set for the Internet gateway server must be updated to ensure that it does not expire. Registering the server certificate as contract information in JP1/IT Desktop Management 2 allows you to manage the expiration date of the server certificate.

Registering contract information for the server certificate

In the Assets module, select Contracts and then Contract List. In the displayed view, enter contract information. For details about this procedure, see 11.3.1 Adding contract information. For example, enter the following contract information:

Contract Name: Server certificate for the Internet gateway
Contract Term: Expiry date of the server certificate
Associated Information: Hardware assets of the Internet gateway

Add description and attachments as necessary.

Checking the contract of the server certificate that is about to expire

In the Home module or in the Dashboard view that is displayed by selecting Overview in another module, refer to the Expired Contracts (next 3 months) panel.

Tip

If the Expired Contracts (next 3 months) panel is not displayed, display it by selecting the View menu and then setting Panel Layout. For details about this procedure, see 5.1 Setting the panels to be displayed and their layout.
If you change the contract status of the server certificate to Expired, the server certificate in question does not show up in the Expired Contracts (next 3 months) panel.

To enable switching the connection destination of managed computers which brings to inside of the company:

Managed computers taken out of the company connect to the Internet gateway. You can change settings that these computers connect to the management server directly when they are brought to inside of the company.

To do so, open the Agent Configurations view of the Settings module, and then select Basic settings, and then Perform HTTPS communication with the higher system via the Internet Gateway. Select the Communicate directly with the higher system if the Internet Gateway is unavailable check box.

Tip: In an environment where a proxy server is used to access the Internet from the internal network, the computers cannot access the Internet gateway unless you set a proxy server for the internal network by opening the Agent Configurations view and then selecting Basic settings, Internet Gateway Communication Settings, and then Use Proxy Server. This means that by simply selecting Basic settings, Perform HTTPS communication with the higher system via the Internet Gateway, and then the Communicate directly with the higher system if the Internet Gateway is unavailable check box, computers connected to the internal network can directly access the management server without passing through the Internet gateway (in other words, there is no need to edit the proxy server setting).

Tip: In an environment where a proxy server is not used for access to the Internet from the internal network, set a firewall such that an attempt to access the Internet gateway from the internal network fails with an error.

To Page Top