Software-Dell KACE


What is KACE?

KACE K1000 Management Appliance (or KBOX for short) by Dell/KACE® (now Quest) is a hardware and software inventory management tool employed campus-wide at UMass Boston, primarily to automate and expedite the process of software updates.

More information on this appliance can be found from the KACE website.

Why is IT using KACE?

KACE provides numerous benefits such as an automated and expedited process of software updates, license management, software management/distribution, inventory management, remote support, and better security.

Key Features:

What benefits will I see as an end user?

Users will experience faster technical support from IT, more efficient and automated patch management via KACE, better remote IT support, and fewer OS support-related issues.

IT technical support will be able to diagnose your computer issues and fix the problem more quickly and easily based on the data collected from the computer via a web-based console.

What type of data does the KACE client collect from my computer?

The KACE agent collects information that is accessible through Windows’ Windows Management Instrumentation (WMI) or Mac’s System Profiler. The following is a partial list of information collected from university-owned computers with the KACE Agent installed.

Who will see the data and where is it stored?

The data will be seen by the authorized IT KACE administers and reports with aggregated data will be periodically present to IT senior management for review and actions.

The data is stored on a secure database within the Dell KACE K1000 appliance on university premises and only authorized personnel will be able access the asset database.

Can KACE or the KACE administrator see the name of my files or the contents?

Does my computer have KACE agent Installed?

The KBOX client is NOT licensed for use on personally-owned computers. IT currently installs KACE on both laptop and desktop computers used by faculty and staff.

Under what circumstances could my computer lose its KACE connection?

  1. The KACE connection will always be on when the computer is in use by an user (i.e. with user keyboard interaction and mouse movement)
  2. The KACE connection stays on when the screen saver has been turned on
  3. The KACE connection will be disconnected when the computer is in sleep mode.

Will I notice the KACE agent running on my machine?

No, the agent does not use much CPU resources and runs in the background. Users will not notice any performance issues as the agent scan runs in the background and the scan is not intrusive to the end user. You will only notice KACE when it asks your permission to make changes to your computer.

What happens when the KACE administrator pushes out software to my computer?

If the KACE administrator pushes out software to your computer, you will see a KACE dialog box similar to the one shown below (with the UMass Boston logo) appearing at the lower right hand corner of your screen. Depending on the nature of the software, users may be given the option to delay (snooze) the installation. However, users will certainly be given the option when s/he would like to reboot the computer (if needed).


What happen when KACE pushes out security or application patches to my computer?

The KACE agent will periodically notify you when critical operating system or application updates / patches are needed and alert you before downloading and installing those updates

When KACE pushes out security patching to your computer and rebooting is required to complete the process, users will have the option to snooze the reboot up to 30 times. After that, a KACE system dialog box (similar to the one below) will immediately appear. Do not hit the OK button (this is the only button in the box) until you are ready to reboot. This box will stay on for 1440 minutes (1 day) and your computer will be rebooted in 1 day automatically. These setting are to accommodate the extreme scenario that a user may leave the computer on unattended (but with KACE connection) for as long as 60 consecutive days. Therefore, DO NOT leave your computer on unattended or over 60 consecutive days, with the computer in the "Do Not Sleep" mode. If so, this computer will be rebooted automatically if KACE has applied patches on it.

Below are this dialog box set parameters:

Will KACE scan any storage connected to the computer (flash drives or hard disks)?

The K1000 will report in Computer Inventory the presence of all drives attached to a computer, but only during the scheduled inventory scan. (Default is every 2 hours.)

Which type of operating systems are supported by KACE?

Can I still apply patches myself?

Yes. The KACE client does not prevent you from applying patches yourself. However, if you do not apply these updates prior to receiving a KACE Alert, KACE will download and install the update for you.

Will KACE security patches upgrade my applications to new versions?

No. Security updates and application upgrades are separate processes. For example, KACE may apply a security update to your Microsoft Internet Explorer (IE) browser to take you from version 10.0 to 10.1 – or upgrade Adobe Acrobat Professional from version to; but it will not automatically upgrade you from major versions – IE 10 to IE 11 or Acrobat 8.x to 10.x. NOTE: In cases where a major application upgrade is needed – e.g. to address major security issues or to support institutional application compatibility – a separate campus upgrade notification will be sent.

What If I have mission-critical applications which are sensitive to patch updates?

The KACE Management system provides a great deal of flexibility and does not force us to use a ‘one-size-fits-all’ approach. If you have mission-critical applications (for the institution, department, or yourself) which you believe will not respond well to an automatic update process, please contact the IT Desktop Team through IT Service Desk and open a support request. The Desktop Team will work with you to either a) address the application sensitivity, or b) provide a ‘smart label’ which will include your computer in a patch exception group.

(Last updated July 2014)