14.5 Authorized Registration Methods

ZENworks systems that are enabled for agent-server secure communication allow only authorized devices to register. The available authorization methods are discussed below along with recommendations for each method.

14.5.1 Authorization Keys

Authorization keys can be entered during ZENworks Agent installation to allow the agent to register to the zone. Best security practices for Authorization keys include:

  • Use the maximum number of characters (10)

  • Use mixed case and numbers

  • Restrict the number of times the key can be used

  • Specify a short expiry date

For instructions on using Authorization keys, see Registering Devices in the ZENworks Discovery, Deployment, and Retirement Reference.

14.5.2 Pre-approved Devices

Devices can be pre-approved for registration. Best security practices for pre-approved devices include:

  • Select as many device match values as possible

  • Enable differentiation

  • Specify a short expiry date

  • Set the preapproval to expire on registration or on reconciliation

For instructions on using a pre-approved devices list, see Registering Devices in the ZENworks Discovery, Deployment, and Retirement Reference.

14.5.3 Authorized Registration for Device Imaging

When including the ZENworks Agent in an image:

  • You can create an add-on image with a plain-text Authorization key embedded in it for mass deployments

  • For stronger security, use pre-approved devices