I have been playing around now for a while. I would like to understand a little more about security.
Obviously, as a starting point, a good password policy is enforced. But it concerns me that placing an enabled machine on the Internet with remote access open is going to be an issue - a brute force hacker would get in eventually?
So what stops attacks, can you restrict access from a list of places? I have searched for any reference material but haven't found any yet.
BTW I don't have an option for a perimeter firewall device.
The vPro platform was designed with the idea that it would be used behind a firewall, so, having it directly on the Internet has obvious security implactions as you have pointed out.
Since your system is exposed using an aggressive password management policy is a must. I am guessing that your client isn't part of an classic enterprise network with Active Directory so you'd have to rely on the build in digest account management. Is this correct?
Do you have a certificate authority in your environment? Using mutial TLS may be an option to help secure the communications.