ConnectWise Automate Firewall ports: The complete guide
ConnectWise Automate firewall ports have changed over the years, and many partners still have ports open that aren’t required (or are dangerous to have open). Since the guidance has changed over the years, we wanted to create an updated guide that covers how the protocols work, along with what firewall ports are required (and what […]
Cloud Automate security isn’t necessarily better
Is Cloud Automate (aka Hosted RMM) more secure? In light of the recent ScreenConnect vulnerability, ConnectWise has touted the security benefits of using their cloud-based products. The software and features are approximately the same no matter the hosting configuration (some space restrictions notwithstanding), so ultimately, the hosting decision is a business decision. However, when it […]
EoL software and MSP insurance requirements
Here at Automation Theory, we advocate for keeping Automate’s MySQL database patched for typical security/performance/stability reasons. However, we’ve recently seen clients purchase our MySQL maintenance packages for cyber insurance reasons — a trend we hadn’t seen before. One client explained that his insurance carrier added a clause that claims wouldn’t be covered if the software […]
MySQL 5.7 End of Life: What Connectwise Automate admins need to know
The MySQL 5.7 end-of-life date is October 21, 2023. Many Connectwise Automate partners are on MySQL 5.7, so here at Automation Theory, we wanted to clarify what that means for the day-to-day operations of Automate and how to take action. End of Life: Just like Windows Software end-of-life with Oracle is the same as with […]
Defending the MSP tool stack in a zero-day world
We had the pleasure of being a vendor and speaking at MSPGeekCon23 — and it was a fantastic conference! We presented our talk, “Defending the MSP tool stack in a zero-day world,” and converted it into a blog format below. Setting the stage: the zero-day world Zero-day attacks are increasing, and it’s all fun and […]
Connectwise Automate IP Restrictions: The good, bad, and ugly
IP restrictions for Connectwise Automate were released in patch 2022.11. This long-awaited feature has some nuances worth noting in the implementation, which we’ll discuss below. But first, let’s review the good parts of this feature. The good: IP restrictions are possible with Connectwise Automate Right off the bat, it’s worth noting that this much-requested feature […]
Why should every Automate server have a WAF?
MSPs everywhere are concerned about RMM security, and with good reason — cyber attacks against MSPs are increasing. Bad actors know that the RMM system is the entry point to all downstream client environments. This ability paints a large target on any RMM, making them challenging to defend (especially since attackers likely have a more […]
State of Connectwise Automate Security 2022
We’re approaching the one-year anniversary of the Kaseya VSA attacks, and here at Automation Theory, we were curious about the state of security for Connectwise Automate. Many MSPs we work with are concerned about similar threats and attacks against the Automate platform. To this end, we wanted to track and provide meaningful reporting about the […]
How to defend ConnectWise Automate in a Cyberwar
Recent world events lead many to conclude that cyber-attacks may be imminent for many countries, and protecting Connectwise Automate from such attacks is on the mind of many MSPs. Below we discuss some background on the threat, and what MSPs can do to defend ConnectWise Automate in a cyberwar. Cyberwar: Are MSPs a target? As […]
How to pwn an Automate server: Connectwise Automate LAN Security
ConnectWise Automate security is something at the forefront of discussion for every MSP. Previously we’ve discussed security from the WAN angle, and how reverse proxy technology can be implemented to reduce the attack surface. However, internal LAN communications can also be an attack vector, and here at Automation Theory, we wanted to give proper attention […]