Enhancing the security of the WAPT serverΒΆ

By default, all WAPT packages are signed with your private key, which already provides a great level of security. However you can further improve the security of WAPT.

To fully secure your WAPT setup; you will want to do the following:

  • enable authenticated registration to filter who is authorized to register the device with the WAPT server;

  • enable https certificate verification on the agents and the console to ensure that the WAPT agents and the WAPT console are connecting to the correct WAPT server;

  • configure authentication against Active Directory to allow access to the WAPT console only to authorized WAPT admins;

  • enable Client-Side Certificate Authentication to only allow authenticated devices to access the WAPT server (Note: it is especially important if you want to expose your WAPT server to the outside in a DMZ);