Desktop Central Cloud - Architecture

Desktop Central Cloud’s architecture

Desktop Central Cloud's architecture

Desktop Central Cloud, ManageEngine's flagship cloud-based unified endpoint management (UEM) solution, can help organizations manage and secure their endpoints the SaaS way. With Desktop Central Cloud, you don't need any high-end infrastructure to support a large number of endpoints.

Desktop Central Cloud is an endpoint management and security solution that every IT administrator should have in their toolkit. It comprises the entire gamut of top-notch features for assessment and remediation of vulnerabilities, automated deployment of business applications, real-time management of IT assets, automation of mundane administrative tasks using over 50 predefined configurations, hassle-free remote troubleshooting, generation of audit-ready reports, and mobile device management functionalities.

This document explains the foundation of Desktop Central Cloud, its components, and the communication between these components.

Components of Desktop Central Cloud architecture

The Desktop Central Cloud server resides in one of Zoho Corporation’s data centers, and the Desktop Central agent, a lightweight component, is installed on all the computers you wish to manage using Desktop Central. The Desktop Central agent aids in the completion of various tasks initiated from the Desktop Central Cloud server.

For instance, if you want to uninstall an application, the necessary settings can be configured for the corresponding agent on the server, while the agent will replicate these settings and remove the application from the computer it is installed on. This agent will update the status of these tasks back to the Desktop Central Cloud server.

For managing mobile devices, any communication from Desktop Central Cloud is routed through notification services such as Apple Push Notification service (APNs) for iOS devices, Firebase Cloud Messaging (FCM) for Android devices, and Windows Notification Service (WNS) for Windows devices. The agent communicates with the server periodically to fetch the allotted tasks, and shares the status of the tasks with the server.

For managing branch offices, the distribution server is installed on one of the branch office computers. The distribution server communicates with the Desktop Central Cloud server to fetch tasks for that particular branch office’s agents. In addition, the distribution server synchronizes with the Desktop Central Cloud server for missing patch details. These patches are then downloaded directly from the respective vendor's website and distributed across the branch office agents depending on the status of the missing patches on each computer. The branch office agents send the status of each task back to the Desktop Central Cloud server.

For roaming user management, the agent pulls the missing patch details from the Desktop Central Cloud server and downloads the missing patches directly from the vendor’s website; the patches are then deployed to the required machines. Once deployment is complete, the status is sent to the server.

The patch database is a portal on the ManageEngine website that hosts the latest vulnerability database. The Desktop Central Cloud server periodically synchronizes with the patch database’s information on available patches and scans the computers in the network to determine which patches are missing. The results of that scan are stored in the server and can be viewed from the web console.

The web console is an interface for accessing the Desktop Central Cloud server, and all endpoint management and security operations can be performed from here. This console can be accessed from anywhere.

Since the Desktop Central Cloud server resides in Zoho Corporation’s data center, it is not possible for the server to communicate with a network’s Active Directory. If a user would like to integrate Desktop Central Cloud with their organization’s Active Directory, the distribution server installed in the branch office can be configured as an AD connector. The AD connector will fetch the Active Directory details of that particular network.