End users are able to access the Background Server's web interface or a particular webengine in the given environment. What are the recommended approaches to disallow end users from accessing the given server's web interface?
Release : 17.1 and higher
Component : SERVICE DESK MANAGER
It is not possible to configure Service Desk on its permissions (access type and roles) to prevent end users from accessing a specific web engine (see Additional Information in the case of the Background Server).
If the user has knowledge of the given server and port for the webengine, the user would be able to intuit the direct address for the given webengine to access through their browser.
The key to blocking such access to the users is to configure your network and firewall to reroute or disallow access for those users based on the relevant parameters, such as the user's IP address/subnet configuration. Environments can also make use of a load balancer, such as the built in web director function to control user access to certain webengines as well.