Penetration Testing mailing list archives

Re: [Fwd: Re: [SMBManagedServices] Re:[Fwd: Kaseya]]


From: "M.B.Jr." <marcio.barbado () gmail com>
Date: Tue, 27 May 2008 11:31:49 -0300

 Jason Paquette wrote:
Marcio,

These questions are very easily answered by Kaseya's sales team who has
documentation to answer this.  The short answer is it is incredibly
secure...


Wooow! LOL
A code one can't see and notably, one can trust!
That is so amazing!


The original agent/server architecture was designed as an
encryption key manager for the National Security Agency.


Well you know,
all this remote dumping thing sort of reminds me of ECHELON, as a
matter of fact. =)
Nonetheless, I must ask you for trustable/probative references and
sources, please. Academic ones, most preferably.


The agent uses an
outbound connection only, so no open ports into the customer's firewall.
The agent opens an encrypted tunnel back to your server using 256-bit
encryption with a rolling key.  The connection is extremely low overhead,
taking up only a few KB of bandwidth.  The Kaseya framework is in use by
Federal, State, and Local governments around the world, as well as by the US
Military... and of course by corporate IT departments and managed services
providers.

And to avoid confusion; Kaseya is not appliance-based.  It is entirely
software based. It is installed on one Windows Server at the home
office/datacenter (not on a server at each site, only one server total).  A
small software agent is installed on each device (Windows or Mac) to be
managed.  All that is required is an outbound Internet connection from the
agent (no VPNs or inbound firewall ports).

For additional product information, your best resource is to contact
Kaseya directly...  No one knows the product better than they do.  If you
want to know how we as managed services providers use it in our businesses,
I'm sure we'll be happy to share.

JASON PAQUETTE | COO
BUSINESS TECHNOLOGY GROUP, LLC.
Phone: 425.947.4860 ext. 101
Email: Jason () BusinessTG com
Web: www.BusinessTG.com


See Jason, I googled for

site:nsa.gov kaseya

and nothing happened;
and, believe me, by the time I expanded the googling for

site:gov kaseya

besides grabbing a lot of Kaseya-named men,
the only relevant (if so) information we got was the following file at
the NIST's domain:

csrc.nist.gov/publications/nistpubs/800-40-Ver2/SP800-40v2.pdf

In its 72 pages, Kaseya's briefly mentioned (among many others) in the
62nd page (only) as a patch management software.

On 5/25/08, Susan Bradley <sbradcpa () pacbell net> wrote:
 His job is to confirm that it's secure, not take the word of the vendor.

Dear Susan,
that's correct.


Thank you,



-- 
Marcio Barbado, Jr.
