A new Flexera Community experience is coming on November 25th, click here for more information.
Greetings,
I am trying to determine the potential impact of a beacon server on the security of a managed device.
More specifically, in https://helpnet.flexerasoftware.com/fnms/EN/WebHelp/PDF%20Documents/Cloud/GatheringFlexNetInventory.pdf it is said that an agent can download an update .osd package following the information contained in an .npl file.
I would like to confirm a couple of items:
- Are these files (.npl and .osd) protected from tampering and if Yes, how ?
- Where the packages containing agent updates are generated?
More generally, in the case a FlexNet server is compromised, could it be used as a stepping stone to compromise a managed device, for example, by making available a forged update package with a backdoor?
TIA
Best regards
Jul 24, 2019 11:17 AM
Jul 25, 2019 01:04 AM
While I believe, there is no technical measure to "magically" prevent tampering, you can still take your own measures. That would usually include managing access to the servers (web, file shares, RDP), maybe IAM, logging, monitoring, etc.
Jul 26, 2019 10:01 AM