Skip navigation
1 2 3 Previous Next


40 Posts authored by: Cris Coffey Moderator
Share This:

May 2019 - Blog updated for Track-It! 2018/2019 versions.


I receive this question from users periodically and I hate to start off by saying "It depends", but it does.



This type of setup, while fairly common, is not something to be taken lightly nor something that our Track-It! technical support team has expertise in. Please bear in mind that the things discussed in this article are necessary considerations for any public facing website that must interface with an internal network. These cautions and suggestions are not specific to Track-It!  and involve a number of systems and settings that are outside of the context of Track-It!  There are many factors involved with setting up this type of scenario and doing so in a way that is appropriate and secure for your environment. The setup will involve important decisions and configurations in your environment which our technical support team will not have knowledge of or be able to answer for you. While they may be able to guide you in best practices and examples of what most people do, they cannot make the decision for you or configure the system for you.


To begin, there are several different ways you can accomplish this task depending on:

  • Your technical ability
  • The resources you have available at your company/location
  • How you want to present this information to users (raw IP address vs. pretty domain name)
  • How secure your system needs to be


Things to consider

Generally speaking, this type of setup should not be attempted by someone without experience with these types of configurations as you could potentially expose your network and internal systems to external intruders.


This type of setup normally requires assistance from someone who is experienced with:

  • Advanced network security
  • Working with a DMZ
  • IIS web server setup
  • Domain registration
  • Domain hosting
  • DNS configuration
  • Proxies
  • SSL
  • Firewall/switch configuration


The process (in a nutshell)

This process can be fairly involved depending on the configuration used. Generally, you would work with someone with IIS Admin experience and network security experience to install Track-It! on a separate IIS Web server placed in a DMZ. That server is given an external IP address so that users out on the internet can access it. It is best practice to also obtain an SSL cert and install it on the web server so that all connections to the Track-It! Web site are performed securely over HTTPS. If you want a nice domain name like then you would need to work with a website domain provider to get that URL/Domain setup and pointed to the public IP address or to add a /helpdesk virtual directory or DNS entry that points to your Track-It! server. The Track-It! server also has to have access to the internal network and the SQL server. This can be done by opening ports, using proxies and other methods that people much smarter than I have come up with and understand how to set up. However you do it, at the end of the day, the Track-It! server needs to have a public IP address, be segregated outside your internal network for security and still have access to the SQL server inside the network.



Once you have this set up, your users should be able to connect to the IP address or URL to get to Track-It! from outside your company network. I know this article has not explained specific setup steps in order to set up this type of configuration but that is on purpose. Something like this should not be set up by someone who does not fully understand network security, the structure of the network and the policies and regulations of your company and/or industry. In the end I hope this information has been helpful.

Share This:

I am excited to announce that Track-It! 11.4 is now available! This release is another great step in improving the utility of Track-It! and the productivity of the people who use it. This release contains a few enhancements to existing features, some enhancements that were requested by Track-It! users in the Ideas area here on the Track-It! Community and some defect corrections. Here are some highlights of the release.


  • Self-Service ImprovementsTrack-It! Technician Client.png
    • Track-It! users can now save time by approving or rejecting change requests via email
    • Track-It! users can also request more information about a change request via email before approving/rejecting
    • The self-service portal can now be customized to hide features that administrators don’t want their end-users to use
    • The Password Reset Kiosk application has a new silent install feature allowing it to be easily distributed to end users computers


  • Administrative and Usability Improvements
    • Track-It! Survey add on was integrated into the Track-It! product to provide easier implementation/updates for customers who own this module
    • The user interface was updated with a newer flat look and feel to give the application a more modern look
    • Work order notes can now be shown chronologically in email notifications
    • Users can now quickly access work order tickets in Track-It! Web using direct URL links. These links are also included in email notifications
    • Support for TLS has been added for email communications
    • Help documentation was redesigned into a single source web help system which works on all screen types/sizes
    • The support integration feature allows Track-It! administrators to submit requests for technical support directly to the BMC Track-It! support team from within the product
    • Addressed all recently reported security vulnerabilities


Current Track-It! customers can download the 11.4 update from the support portal at


Share This:

The purpose of this advisory is to inform you of recently discovered security vulnerabilities in Track-It! and how to address them.  


Please note that for an attacker to take advantage of any of these issues, the attacker must have direct access to the Track-It! application server. If the application server is not exposed to the internet, an attacker would first have to gain access inside your internal network in order to exploit them.  However, even if your Track-It! system is not exposed outside your firewall, we still recommend you take the necessary steps to secure the application as soon as possible.


Update to Track-It! 11.4

Due to the nature and complexity of some of the issues, a full version update is required to address all of them. The vulnerabilities in this bulletin are addressed in Track-It! version 11.4, which is now available on the Track-It! support site here.  Upgrading to 11.4 is the only way to address all of the discovered vulnerabilities.

Short term remediation

If for some reason you cannot immediately update to Track-It! 11.4, it is recommended to block all communications from untrusted networks (e.g. the Internet) at the firewall, specifically to TCP/UDP ports 9010 to 9020 and to the Track-It! Web webserver. Blocking the above mentioned ports/site to secure the server will also block the use of the Self Service feature and Track-It! Technician Web from external networks.  In other words, the Track-It! system will continue to function only within the Intranet network.


Due to the nature of issues 1, 2 and 6 below, we were able to produce individual hotfixes for Track-It! version 11.3. Since these hotfixes do not resolve all the identified issues, we strongly recommend upgrading your Track-It! system to the 11.4 version that includes fixes for all of the identified vulnerabilities.


Resolved Issues:

For more information on each of the items addressed, see the Knowledge Articles listed below.

  1. 1. Article ID TIA07453 - Arbitrary file download – Attackers can download files from the underlying server operating system remotely through the product.   
  2. 2. Article ID TIA07454 - Blind SQL injection – Insufficient input validation can allow attackers to inject SQL code and gain control of the underlying database engine.
  3. 3. Article ID TIA07455 - Hardcoded DB credentials - This issue is limited to demo install only.
  4. 4. Article ID TIA07456 - Credential disclosure - Domain administrator & SQL server user credentials.
  5. 5. Article ID TIA07457 - Code execution – Remote code upload and execution via file upload.
  6. 6. Article ID TIA07508Password Reset – Reset passwords of accounts with just the user ID.


If you have any questions regarding this security notification, please contact Track-It! Support by opening a case at: BMC Track-It! Support

Share This:

The new Track-It! 11.3 release is now in Beta. If you are a current Track-It! customer and are interested in participating in the Beta program, it is not too late.


Just visit the document below to learn more about how to sign up for the program.


Track-It! Developers Circle (Beta) Signup

Share This:

Track-It! 11.2 was released in late November and is now available. Thank you to all of our loyal Track-It! Beta testers for once again kicking the tires and helping to get the product ready. You can learn more about the product by visiting the What's New area of the Track-It! site.


Some highlights of the new release are:

12-13-2013 2-23-13 PM.jpg


  • Manage SLAs and end user expectations with Stop the Clock.
  • Keep accurate record of time spent on tasks with the Work Order Timer
  • Track time to first response with the First Response SLA
  • Create integrations with other software/systems with the Track-It! Web Service
  • Detect installed anti-virus products, versions and whether definitions are up to date
  • Obtain regular PC inventory information from users who work remotely using disconnected audits
  • IMAP and Exchange Web Service support added for e-mail monitoring
  • Further refine which emails Track-It! will accept with the new White-list



We work hard to deliver things that our customers ask for and we hope you like this release of Track-It!


Now on to the next one!


Learn more about Track-It! help desk software at

Share This:

I am very excited to announce that the new release of our award winning Track-It! Help Desk and Asset Management software, Track-It! 11.1 has been released and is now available for download.


This release was focused on more functionality in Track-It! Web, Track-It! Mobile and some key usability enhancements that should make customers very happy. Here are a few highlights from the release.


Track-It! Technician Client for Windows and Track-It! Web updatesRichText_Solution.png

  • Rich Text Solutions was added to the Windows and Web clients, allowing Track-It! technicians to generate solutions containing rich content, custom fonts, font colors and embedded in-line images. Work order resolutions now support rich text formatting as well.
  • Conditional Required fields are now available to allow administrators to required certain fields to be populated when work orders are closed.


Track-It! Web and Mobile updates

  • Two Track-It! modules, Training and Reporting were added to Track-It! Web. Technicians can now manage their end-users training course schedules and history from the web as well as have access to print and preview any of the Track-It! reports that are available in the system.
  • The Track-It! Web and Track-It! Mobile interfaces now support work order templates for commonly occurring work orders.


There are many other usability enhancements that were also included in the release. For more information or to download a trial, please visit the what's new section of the Track-It! page here.

Share This:

We recently had a few new partners asking about what type of resources it takes to setup and manage Track-It! I realized that it had been a little while since I had blogged about this type of thing so I figured it was time for a refresher.


Some time back, I started talking about this Zero to Help Desk in 60 minutes concept with prospects and partners and the idea was picked up by marketing shortly after. The reason this has resonated so well with customers and prospects is because as we all know, most IT shops are overworked and understaffed and the idea of saving time and money while also implementing a tool that helps save time and money, is a very welcome thing. Track-It! is extremely easy to install, configure and maintain and takes most users less than an hour to setup and configure so the tag line stuck. After that, it only takes a small part of one persons time to manage the system from then on. Many of our competitors have products that require a dedicated resource or multiple resources. That is not true for Track-It!  The product is specifically designed to be easy to manage and use.


Ease of Installation

Lets talk about installation first. The full Track-It! installer is the same one that you can download right now from and try out in a demo mode. The demo is the full product with some limitations on the number of users that can log in, the number of devices that can be scanned and with a 30 day expiration. Track-It! includes the free Microsoft SQL Server 2008 Express edition for customers that don't want to buy or cannot afford to buy the full blown MS SQL server product. SQL Server express works fine for most Track-It! implementations. The entire installation process takes about 15 minutes to install all the components. If you installed the product in demo mode and wish to then move to production later on, the process is very simple. When you purchase a license for the Track-It! product, a license file will be e-mailed to you. Once that license file is copied into the Track-It! server directory, the product becomes a live version. NO reinstall required.


Accessing the application

Help Desk Technicians can use the Windows client, Web client or Mobile client and Self Service end users can access the self service web portal. All 3 interfaces are included with the base product. Administration functions must be performed with the Windows client but it is installed on the Track-It! Server by default during the main installation.



Basic configuration is simple. You can manually enter your users and create accounts or import them from your LDAP or Active Directory server. Once the users are in the system, a few other items like Priority levels, Work Order Types, Departments and Locations should be configured and then you are ready to start managing your IT Assets and using the Help Desk. This process takes a very short amount of time and usually takes most users longer to decide exactly which work order types and priorities they want to create than it does to actually create them in the system.


Immediate ROI

The entire system in a basic setup takes less than an hour to install and configure. If you have a complex environment where you want to split the IIS server apart from the database and Track-It! servers, things can take slightly longer but not much. If you are scared of systems that require consulting services and full time management, then Track-It! is what you are looking for.


Support and Online Community

If you have any questions or need pointers while installing or using Track-It!, there are two great places to get help.

First is the tech support portal for registered users located at

The second is the Track-It! Community on


If you have any questions, feel free to contact me and I would be happy to answer them for you.

Share This:



Track-It! 11 was just released 2 weeks ago and you may have noticed a

change to some of the ideas posted on the Idea tab here in the BMC Track-It!



Several of those ideas had their status changed from Active to Delivered as they were included with the new Track-It! 11 release.


This is a very exciting time to be a product manager or a customer of BMC Track-It! For the first time there is true visibility into features that customers are requesting, which features customers like and don't like, which features are likely to go into the next release and ultimately which features are actually delivered.


Thank you to everyone who submitted an idea, commented on an idea and/or voted on an idea.


You are all helping to shape the product for the benefit of all users.

Share This:

Every so often I hear questions from customers and prospects about deploying a Track-It! Server in a test environment. Some of our customers have processes in place that require any changes, updates, patches, etc, be tested in a staging environment before being rolled into production. The question we usually get is whether it is ok to install a 2nd copy of Track-It! into this staging environment even though they only own 1 copy of the product.


The answer here is pretty simple. Yes.


If you own a copy of Track-It!, you are licensed for one production installation of the product and if your production processes call for a test staging environment, you are permitted to install a 2nd copy of Track-It! into that test environment as well. As long as the test installation is really for testing, then you have nothing to worry about.

Share This:

Are you interested in talking to other Track-It! users about how they use the product or about issues they struggle with in their IT departments? Are you interested in meeting and getting together with other Track-It! users in your area from time to time so you can discuss and learn face to face? Are you interested in discussing best practices, implementation strategies, reporting and other topics with another IT person just like you?


If so, BMC Communities can help you get started. You can utilize BMC Communities to start and manage your own local user group. We will help you set up the group, invite some members, show you around and train you on how to manage your group, then you take over from there. There are no costs to you or anyone in the group to participate and you can accept as many members as you would like. Use the community site to discuss topics of interest and then if desired, periodically set up local meetings in your area. 


We just recently started a new user group for Track-It! users in the Washington DC area. If you are interested in starting a local Track-It! user group on the community, let me know and I will help you get started.

Share This:

The Product Management and Marketing teams are pleased to announce the general availability of BMC Track-It! version 11.  We invite you to learn more about the new capabilities in BMC Track-It! version 11. With this release, we are taking a customer centric, concierge approach to ensure each and every customer has a seamless upgrade experience. If you're a BMC Track-It! customer, currently on maintenance, you'll be hearing from the BMC tech support organization shortly with instructions on how to upgrade.   


With this latest release, Track-It! 11 can help you more easily manage the help desk and deliver IT services on-the-go while enjoying security, administration and usability enhancements. 


More specifically, Track-It! 11 offers:


  • New Mobile Capabilities including Inventory, Announcements and E-mail Conversation Management making it easier for you to do your job on-the-go
  • New Web Capabilities including Purchasing, Library, Change Management and Work orders can now be accessed via a direct link
  • Scheduled/E-mailed Reports make it easy to keep track of important metrics and keep others up to date automatically
  • Usability and Security Enhancements making it easier for your IT staff and users to navigate the solution.


To learn more about BMC Track-It! 11

Share This:

I love to hear feedback from customers on how Track-It! has helped them and here is another great story.


This one is from Douglas County Libraries in Colorado. Great stuff!

Share This:

Over the last few months we have been testing an Ideation module for the BMC Community that would allow users to log their own requests for feature enhancements as well as review and vote on feature requests logged by other users. The Ideation module is a great way for users to directly input their requests, see comments back from other users or from the product teams here at BMC, track the progress of their request and see how it fits in order of priority with all other user requests.




Starting last week, a few product teams turned on the Idea module for their product communities and I enabled the option for the BMC Track-It! communtiy. In just a few days, it is already taking off and the participation and feedback has been fantastic. This is an exciting way for us to be more transparent and accessible to help our users across the world.


The new Ideation module for the BMC Track-It! Community can be found here.


I hope you all like the new Ideation module and will use it when you have a new feature suggestion.


Thank you for being part of the BMC Community.

Share This:

Time for another usage poll. This poll is simply asking what client platform, windows or web based, would you prefer given the same functionality.


As many of you already know, we are making a push to include all of the Track-It! modules in Track-It! Web. Currently, Track-It! Web has Inventory, Solutions and Help Desk and we are working hard to bring more Track-It! modules to the web. Our question to you is, once all the functionality is available in Track-It! Web, which client will you choose to use primarily. The Track-It! Windows client or Track-It! Web?. Please let us know by visiting the poll HERE.

Share This:

One thing we continually monitor is the usage of technology in the IT market. We are always interested in hearing what tools and systems our current and potential customers are using because it helps us focus on the proper technology choices when developing solutions in our products.


This poll is simply asking what email system your company is currently using. The majority appear to be using Microsoft Exchange but we would love to have your vote also. Please let us know by visiting the poll HERE.

Filter Blog

By date:
By tag: