Cloud Management Gateway (CMG) provides an easy way to manage Configuration Manager clients. You deploy CMG as a cloud service in Microsoft Azure. Then you can manage clients traveling on the Internet or located in branch offices at WAN without any additional on-premises infrastructure. Plus, you do not have to expose your on-premises infrastructure to the Internet.
How Cloud Managed Gateway Works?
Cloud Managed Gateway works with our existing patching and deployment services (aka SCCM) in our data centres without investing in additional hardware or exposing SCCM to the Internet, protecting our security.
The PCs are configured to connect to Azure cloud services rather than require the PC to log in via VPN to receive patches and upgrades. This does not eliminate the need for VPN for other things, just for managed software configurations.
Step by Step Instructions for Setting up a Cloud Management Gateway
The Cloud Management Gateway (CMG) provides an easy way to manage Configuration Manager clients over the Internet. By deploying the CMG as a cloud service in Microsoft Azure, you can manage traditional clients traveling on the Internet without additional infrastructure.
Following is the step-by-step process to set up Cloud Management Gateway:
- Initially, the service connection point connects to Azure through HTTPS port 443. It authenticates with Azure AD or the Azure management certificate. The role of the service connection point is to provision the CMG in Azure. Later on, CMG creates the HTTPS cloud service using the server authentication certificate.
- In the second step, the CMG connection point connects to the CMG in Azure with the help of TCP-TLS or HTTPS. It keeps the connection open and establishes a two-way communication channel for future needs.
- Moving ahead, the client connects to the CMG over HTTPS port 443. It authenticates itself using Azure AD or the client authentication certificate.
- Further, the CMG forwards the client communication over the existing connection to the local CMG connection point. There is no need to open any kind of inbound firewall ports.
- The CMG connection point forwards the client communication to the local management point and the software update point in the last step.
If you want us to set up your Cloud Managed Gateway, then talk to one of our experts now for high-level help. For more information, you can visit iSmile Technologies and connect with us for consultation.