Desktop Central 9

-

Desktop and Mobile Device Management software

Desktop Central Architecture

ManageEngine Desktop Central is a Web-based Windows software application for desktop administration. This application enables administrators to manage computers effectively, from a central point. It comprises features like Software Deployment, Patch Management, Service-pack Installation, Asset Management, Remote Control, Configurations, System Tools, Active Directory Reports and User Logon Reports.

Architecture

The LAN architecture of Desktop Central comprises the following components:

  • Server
  • Agent
  • Patch Database
  • Web Console
  • Active Directory

Components

This section includes detailed information about the components of the Desktop Central architecture. Refer to Figure 1: LAN Architecture of Desktop Central.

Server

The Desktop Central server is located in the customer's site. For example, the customer's head office. This server enables the completion of various desktop-management tasks to help administrators manage computers in the company's network effectively. Some of the tasks include the following:

  • Installing the agent in computers in the customer's network
  • Deploying configurations
  • Scanning for inventory and patches
  • Generating reports. For example, reports related to Active Directory infrastructure components

It is recommended that the Desktop Central server is not switched off. It should be switched on constantly to complete various desktop-management tasks on a daily basis. All the desktop-management tasks can be completed using Desktop Central's Web-based administration console.

Desktop Central LAN Architecture

Figure 1: LAN Architecture of Desktop Central

Port Number
Type
Purpose
Connection
Traffic
8020
HTTP
Agent Server communication
Inbound to Server
inboundinbound
8444
HTTP
For sharing remote desktops
Inbound to Server
inboundinbound
8032
HTTP
For transferring files
Inbound to Server
inboundinbound
8027
TCP
To complete on-demand tasks like inventory scanning, patch scanning, remote control, remote shutdown and moving agents from one remote office to another
Inbound to Server
inboundinbound
8022
HTTP
To enable Chat and System Manager
Inbound to Server
inboundinbound
8383
HTTPS
For communication between the agent or distribution server and the Desktop Central server
Inbound to Server
inboundinbound
8443
HTTPS
For Sharing Remote Desktops
Inbound to Server
inboundinbound
8031
HTTPS
For transferring files
Inbound to Server
inboundinbound
2195
HTTP
Should be open on the Desktop Central Server to reach the APNs. Host Address: gateway.push.apple.com
Outbound from Server
inbound
443
HTTP
Should be open on the Desktop Central Server to reach the GCM server
Outbound from Server
inbound
5223
HTTP
Should be open, if the mobile device connects to the internet through the Corporate WiFi, it is recommend to configure the IP range 17.0.0.0/8.
Outbound from Corporate Network Firewall
inboundinbound
5228
HTTP
For the GCM to reach the managed mobile device
Outbound from Corporate Network Firewalll
inboundinbound
5229
HTTP
For the GCM to reach the managed mobile device
Outbound from Corporate Network Firewall
inboundinbound
5230
HTTP
For the GCM to reach the managed mobile device
Outbound from Corporate Network Firewall
inboundinbound
135
TCP
To enable sharing of files and printers
Outbound from Managed Computers
inboundinbound
445
TCP
To enable sharing of files and printers
Outbound from Managed Computers
inboundinbound
135
TCP
To enable remote administration
Outbound from Managed Computers
inboundinbound

Agent

The Desktop Central agent is a lightweight software application that is installed in computers which are managed using Desktop Central. It is installed automatically in the computers in a LAN. It helps to complete various tasks that are initiated in the Desktop Central server. For example, if you want to uninstall a software application from a computer in your network, you can make the required settings for this task in the Desktop Central server. The agent replicates these settings and ensures that the task is completed effectively.

The agent also updates the Desktop Central server with the status of configurations that are deployed. It checks the Desktop Central server periodically for instructions related to tasks and completes the same. The agent contacts the server when the following actions take place:

User-specific Configurations

  • Users log on
  • 90-minute refresh interval

Computer-specific Configurations

  • Computers are started
  • 90-minute refresh interval

Patch Database

The patch database is a portal on the ManageEngine Web site. It hosts the latest vulnerability database that is published after patches have been tested. The Desktop Central server synchronizes this information periodically and scans the computers in the network to determine which patches are missing. The patches that are missing are installed in the computers that are missing them.

The communication between the Desktop Central server and the patch database takes place either through a proxy server or through a direct connection to the Internet. The required patches are downloaded from the respective vendors' Web sites and stored in the Desktop Central server before deploying them to computers in the network. The agents copy the required patch binaries from the Desktop Central server.

Web Console

The Web console of Desktop Central provides a central point from where an administrator can manage all the tasks that are related to desktop management. This console can be accessed from anywhere. For example, it can be accessed through a LAN, WAN and from home using the Internet or a VPN. Separate client installations are not required to access the Web console.

Active Directory

In an Active Directory-based domain setup, the Desktop Central server gathers data from the Active Directory to generate the reports for the following:

  • Sites
  • Domains
  • Organizational Units (OUs)
  • Groups
  • Computers

This enables administrators to access all the information that is stored by the Active Directory.