• Active Directory
  • Application
  • Desktop & Mobile
  • Help Desk
  • Network
  • Server
  • IT Security
  • MSP
  • On-Demand
 
 
Device Management, made easy
Manage control and secure your workstations, mobile
devices and tablets
 
 
Help Desk for Everyone
IT Help Desk Software and Customer Support Software
 
 
Protect Your IT. Save Your Business
Build a secure fortress with our security management solutions
 
 
MSP
Manage services faster, with multi-tenanted, ITIL-ready, and unified RMM solutions
 
 
On-Demand Solutions
IT Help Desk, Active Directory, and Operations Management from the Cloud
 

Desktop Central Architecture

ManageEngine Desktop Central is a Web-based Windows software application for desktop administration. This application enables administrators to manage computers effectively, from a central point. It comprises features like Software Deployment, Patch Management, Service-pack Installation, Asset Management, Remote Control, Configurations, System Tools, Active Directory Reports and User Logon Reports.

Desktop Central supports the managing of computers in a distributed setup like branch or remote offices (WAN) and for mobile users, for example sales persons who are constantly on the move.

Desktop Central WAN Architecture

Figure 1: WAN Architecture of Desktop Central

Port Number
Type
Purpose
Connection
Traffic
8020
HTTP
Agent Server communication
Inbound to Server
inboundinbound
8444
HTTP
For sharing remote desktops
Inbound to Server
inboundinbound
8032
HTTP
For transferring files
Inbound to Server
inboundinbound
8027
TCP
To complete on-demand tasks like inventory scanning, patch scanning, remote control, remote shutdown and moving agents from one remote office to another
Inbound to Server
inboundinbound
8022
HTTP
To enable Chat and System Manager
Inbound to Server
inboundinbound
8021
HTTP
To enable communication between a Desktop Central agent and a distribution server
Inbound to Distribution Server
inboundinbound
8384
HTTPS
To enable communication between a Desktop Central agent and a distribution server
Inbound to Distribution Server
inboundinbound
8383
HTTPS
For communication between the agent or distribution server and the Desktop Central server
Inbound to Server
inboundinbound
8443
HTTPS
For Sharing Remote Desktops
Inbound to Server
inboundinbound
8031
HTTPS
For transferring files
Inbound to Server
inboundinbound
2195
HTTP
Should be open on the Desktop Central Server to reach the APNs. Host Address: gateway.push.apple.com Outbound from Server
inbound
443
HTTP
Should be open on the Desktop Central Server to reach the GCM server Outbound from Server
inbound
5223
HTTP
Should be open, if the mobile device connects to the internet through the Corporate WiFi, it is recommend to configure the IP range 17.0.0.0/8. Outbound from Corporate Network Firewall
inboundinbound
5228
HTTP
For the GCM to reach the managed mobile device Outbound from Corporate Network Firewalll
inboundinbound
5229
HTTP
For the GCM to reach the managed mobile device Outbound from Corporate Network Firewall
inboundinbound
5230
HTTP
For the GCM to reach the managed mobile device Outbound from Corporate Network Firewall
inboundinbound
135
TCP
To enable sharing of files and printers Outbound from Managed Computers
inboundinbound
445
TCP
To enable sharing of files and printers Outbound from Managed Computers
inboundinbound
135
TCP
To enable remote administration Outbound from Managed Computers
inboundinbound


Advantages

The advantages of using the WAN architecture of Desktop Central include the following:

  • Affordable, simple and quick solution for desktop management requirements
  • Utilizes low bandwidth
  • Enables network-neutral desktop management
  • Utilizes the same infrastructure for VPN connections. No separate VPN infrastructure is required
  • Ensures that communication between the server and agents is secured
  • Manages computers centrally using a single Web console

Architecture

The WAN architecture of Desktop Central comprises the following components:

  • Server
  • Distribution Server
  • Agent
  • Web Console

Components

This section includes detailed information about the components of the Desktop Central architecture. Refer to Figure 1: WAN Architecture of Desktop Central.

Server

Desktop Central Server has to be installed in your LAN (say, the head office) and has to be configured as an EDGE device. This means that the designated port (default being 8020 and is configurable) should be accessible through Internet. You need to adopt necessary security standards to harden the OS where the Desktop Central Server is installed.  Agents from all the remote locations report to this Desktop Central Server.

The Server acts as a container to store the configuration details and, upon request, provide the instructions to the agents. It is advised to keep the Desktop Central server always running to carry out the day-to-day Desktop Management activities.

Distribution Server

Desktop Central Distribution Server is light-weight software that is installed in one of the computers in the Branch Offices. This agent will communicate with the Desktop Central Server to pull the information for all the computers in that branch. The agents that reside in the branch office computers will contact the Distribution Server to get the information available to them and process the requests.

  • Low bandwidth utilization as only one agent will contact the Server periodically
  • Pulls the configuration details, software packages, patches to be installed, etc., from the Desktop Central Server and makes it available for the rest of the computers in the branch.
  • Supports secured mode of communication (SSL/HTTPS) with the Server.
  • Distribution Server installation is one-time and subsequent upgrades will be automatically performed.

Agent

The Desktop Central agent is a lightweight software application that is installed in computers which are managed using Desktop Central. This agent helps to complete various tasks that are initiated in the Desktop Central server. For example, if you want to change the wallpaper in the computers in a branch office, you can make the required settings for this task in the Desktop Central server. The agent replicates these settings and ensures that the task is completed effectively.

Agents can be installed either manually or using a logon script in all the branch-office computers that are being managed using Desktop Central. This task is a one-time task. Upgradation of agents is done automatically. Desktop Central offers two options to help administrators manage computers across a WAN. The option that you choose depends on the number of computers you are going to manage at your remote office. The options available, enable you to use either of the following:

  • Distribution servers and WAN agents: It is recommended that you use this option if you are managing more than 10 computers in a remote office.
  • WAN agents only: It is recommended that you use this option if you are managing less than 10 computers in a remote office.

Web Console

The Web console of Desktop Central provides a central point from where an administrator can manage all the tasks that are related to desktop management. This console can be accessed from anywhere. For example, it can be accessed through a LAN, WAN and from home using the Internet or a VPN. Separate client installations are not required to access the Web console.