Hello,
I have an environment in which the commservers are separated on the domain and network side as well as on the hardware side from the clients to be secured (HW firewall, segmentation, backup domain, standalone ESXI for CV commservers etc). This means that no push installation from the commserve works. We had then installed clients with a software cache in the target domains, but now installing from them no longer works either. VMware NSX and other hardening measures were introduced.
Is there a description/process flow somewhere of how exactly the remote push installation works and what could be limiting it here?
Does the client to be installed access the software cache via SMB or is the data sent there?
Who makes the access via WMI/DCOM (Commserve, SoftwareCache Client) and can this be controlled?
Thanks for information.
