# Endpoint Central - Summary Server
## Overview & Architecture
Multi-tenant architecture using Summary Server for enterprises managing a large number of endpoints
### Table of Contents
1. [Overview](#overview)
2. [Architecture](#architecture)
3. [Components](#components)
4. [System Requirements](#system-requirements)
Check this [guide](https://www.manageengine.com/products/desktop-central/summary-server/online-guide.html) to start your Summary Server and Probe Server setup.
---
## Overview
Endpoint Central's Summary Server can manage endpoints with higher degree of visibility and scalability. This web based application helps IT admins to manage endpoints across globe with a user-centric dashboard. Summary Server is coupled with Probe Servers to achieve these factors. Here is a detailed guide on how Summary Server aids in scalable endpoint management for enterprise.
## Architecture
This section explains the following:
- Architecture
- Components
- Secure communication between agent and server
[](https://www.manageengine.com/products/desktop-central/summary-server/image/architecture-for-summary-server.png)
---
## Components
### Endpoint Central Summary Server
The Summary Server is a real-time data driven dashboard made available for the executives of an enterprise. All the Probe Servers will report to Summary Server regularly to post the endpoint management reports. This server can be accessed through a web console, which will require authentication. A separate set of users can be created to access this server. Summary Server will communicate only with the Probe Server. It is advisable to have your server turned on without fail to achieve maximum efficiency in monitoring and managing the endpoints.
### Endpoint Central Probe Server
Probe servers are standalone Endpoint Central Servers that manage devices in the business network. IT technicians can create and deploy the policies from this server. In this architecture, multiple Probe Servers can be installed in the enterprise network and maintain a degree of autonomy while managing the endpoints. Every Probe Server will have a set of technicians and admins to manage endpoints under that Probe Server.
A Probe Server will communicate with Summary Server and Endpoint Central Agents. The Probe Server contacts Summary Server to post the data on a regular basis and contacts Endpoint Central agents to execute the deployments triggered. Probe Servers can be installed with Secure Gateway Server to manage roaming users securely.
### Web Console
The Web console component is used to access the Server from a remote location using the internet or VPN. A dedicated web console is available for Summary Server as well as Probe Server(s).
### Endpoint Central Agent
Endpoint Central agent is a lightweight software installed on the devices which are to be managed by the Endpoint Central. The agent is used to execute tasks like:
- Software distribution and filtering
- Applying patches (manual/automatic)
- IT Asset Management, and generating reports and more
For instance, if the admin wants to show a popup message to a specific user/computer, then these settings are configured in the Probe server and the details are replicated to the agent, thereby executing the task successfully.
The agent will contact the respective Probe Server following the agent refresh policy to execute the deployed tasks.
Agent Server communication takes place during:
- User logon
- Device Logon
- 90 minutes refresh policy
**For User-specific Configuration:**
The agent contacts the Server during:
- User logon
- 90 minutes refresh policy
**For Computer-Specific Configuration:**
The Agent contacts the server during:
- System logon
- 90 minutes refresh policy
### Active Directory
Endpoint Central is a domain based approach. Therefore, it can be synced with an Active directory/Workgroup to fetch the resource information.
### Patch Database
Patch database is a repository hosted on ManageEngine website. This database will transfer the patch information for the devices managed under the Endpoint Central scope. Endpoint Central server communicates with the patch database through the internet or VPN.
### Securing Agent Server Communication
The communication across this architecture will take place in HTTPS mode only.
---
## System Requirements
Find the below list of system requirements for this architecture:
- Summary Server is capable of managing minimum of 100k endpoints.
- Each Probe Server can manage between 25k and 30k endpoints.
- [Ports](#ports-used-by-summary-server) Used by Summary Server and Probe Server
- [Hardware requirements](#hardware-requirements) for Summary Server, Probe Server, Distribution Server, Endpoint Central agent, Secure Gateway Server and SQL Server.
- Network requirements such as internet speed.
- [Supported Operating systems](#supported-operating-system) for Summary Server, Probe Server, Distribution Server, Endpoint Central agent, Secure Gateway Server and SQL Server.
- Supported [Browsers](#supported-browsers), [Database](#supported-database), and [Web Servers](#supported-webservers).
### Ports Used by Summary Server
The Summary Server will communicate with the Probe Server through port 8383 by default.
| Port | Purpose | Type | Connection |
|---|---|---|---|
| 8383 | For accessing Web console | HTTPS | In bound to server |
| 8443 | For Sharing Remote Desktops, System Manager, Chat and File Transfer. | HTTPS/UDP | In bound to server |
### Ports Used by Probe Server
The Probe Server will communicate with the Summary Server through port 8383 by default. To know more about the ports used by Probe Server, please visit this [page](https://www.manageengine.com/products/desktop-central/desktop-central-lan-architecture.html).
---
## Hardware requirements
This section lists the hardware specifications for Summary Server, Probe Server and Distribution Servers.
### Summary Server
| Server | Parameter | Requirement |
|---|---|---|
| Endpoint Central Server | Processor information | **Physical Machine:** Intel Xeon (16 core/32 thread) 3.0 GHz
**Virtual Machine:** 32 virtual processors (3.0 Ghz) |
| Endpoint Central Server | RAM size | 32 GB |
| Endpoint Central Server | Hard disk space | 500 GB* |
| Network requirement | Network card speed | Minimum 1 GBPS Network Interface Card (NIC) |
| SQL Server | Processor information | **Physical Machine:** Intel Xeon (20 core/40 thread) 3.6 GHz 50 MB cache
**Virtual Machine:** 40 virtual processors (3.6 Ghz) 50 MB cache |
| SQL Server | RAM size | 64 GB |
| SQL Server | Hard disk space | 1 TB* |
| SQL Server | Edition | Standard/Enterprise |
\* May increase dynamically according to the frequency of scanning
\** May increase dynamically depending on the operations performed on the client computer
### Probe Server
| Server | Parameter | Requirement |
|---|---|---|
| Endpoint Central Server | Processor information | **Physical Machine:** Intel Xeon (16 core/32 thread) 3.0 GHz
**Virtual Machine:** 32 virtual processors (3.0 Ghz) |
| Endpoint Central Server | RAM size | 32 GB |
| Endpoint Central Server | Hard disk space | 500 GB* |
| Endpoint Central Agents | Processor | Intel Pentium |
| Endpoint Central Agents | Processor Speed | 1.0 GHz |
| Endpoint Central Agents | RAM size | 512 MB |
| Endpoint Central Agents | Hard disk space | 30 GB** |
| Network requirement | Network card speed | Minimum 1 GBPS Network Interface Card (NIC) |
| SQL Server | Processor information | **Physical Machine:** Intel Xeon (20 core/40 thread) 3.6 GHz 50 MB cache
**Virtual Machine:** 40 virtual processors 3.6 GHz 50 MB cache |
| SQL Server | RAM size | 64 GB |
| SQL Server | Hard disk space | 1 TB* |
| SQL Server | Edition | Standard/Enterprise |
\* May increase dynamically according to the frequency of scanning
\** May increase dynamically depending on the operations performed on the client computer
**Note:** In the installed physical/virtual machine, kindly ensure that the mentioned hardware requirements is available exclusively for the Endpoint Central server instance.
### Distribution Servers
The hardware requirements for distribution servers include the following:
| No. of Computers Managed Using the Distribution Server | Processor Information | RAM Size | Hard Disk Space |
|---|---|---|---|
| 1 to 500 | **Physical Machine:** Intel Core i3 (2 core/4 thread) 2.0 Ghz 3 MB cache
**Virtual Machine:** 4 virtual processors (2.0 Ghz 3 MB cache) | 4 GB | 6 GB* |
| 501 to 1000 | **Physical Machine:** Intel Core i3 (2 core/4 thread) 2.9 Ghz 3 MB cache
**Virtual Machine:** 4 virtual processors (2.9 Ghz 3 MB cache) | 4 GB | 12 GB* |
| 1001 to 3000 | **Physical Machine:** Intel Core i5 (4 core/8 thread) 2.3 GHz
**Virtual Machine:** 8 virtual processors (2.3 Ghz) | 8 GB | 16 GB* |
| 3001 to 5000 | **Physical Machine:** Intel Core i5 (6 core/12 thread) 3.2 GHz
**Virtual Machine:** 12 virtual processors (3.2 Ghz) | 8 GB | 20 GB* |
\* May increase depending on the number of software applications and patches that are deployed
**Note:** It is highly recommended to install Distribution Server for every 1000 computers.
---
## Software Requirements
This section gives you information about the software requirements for Endpoint Central Summary Server, Endpoint Central Probe Server, Agent and Distribution Server.
### Supported Operating System
#### For Endpoint Central Summary Server, Endpoint Central Probe Server and Distribution Servers
You can install Endpoint Central Summary Server, Endpoint Central Probe Server and Distribution Servers on any of these Windows operating system versions:
- Windows 7 (supported for Distribution Server only)
- Windows 8 (supported for Distribution Server only)
- Windows 8.1 (supported for Distribution Server only)
- Windows 10
- Windows 11
- Windows Server 2008* (supported for Distribution Server only)
- Windows Server 2008 R2* (supported for Distribution Server only)
- Windows Server 2012*
- Windows Server 2012 R2*
- Windows Server 2016*
- Windows Server 2019*
- Windows Server 2022*
- Windows Server 2025*
\* **recommended for managing 5000 or more endpoints.**
#### For Endpoint Central Agents
You can use Endpoint Central to manage the computers running on the below mentioned operating system.
#### For Managing Mobile Devices
- Android: Android devices running on version 4.0 or above
- iOS (incl. iPhone, iPad and iPod): iOS devices running on version 4.0 or above
- Windows Smartphones: Devices running on version Windows Phone 8.1 or above
- Windows laptops (incl. Surface Hubs and Surface Pros): Devices running on Windows 10
- Chrome OS: Devices running on version 57.0 or later
- tvOS: Devices running on version 7.0 or above
- macOS: Devices running on version 10.11 or later
### Supported Browsers
You are required to install any of the following browsers on your computer to access the Endpoint Central console:
- Microsoft Edge
- Mozilla Firefox
- Google Chrome
- Zoho Ulaa
**Note:** The screen resolution should be 1280 x 1024 pixels or higher.
### Supported Database
Endpoint Central supports the following databases:
- PGSQL
- MSSQL
- SQL Server 2022
- SQL Server 2019
- SQL Server 2017
- SQL Server 2016
**Note:** Endpoint Central supports the aforementioned SQL Server versions in AWS as well.
### Supported WebServers
Endpoint Central uses the following web servers:
- Nginx (for static file services)
- Tomcat (for application related services)
### Supported TLS Versions
- **From Endpoint Central version 11.2.2330.1:** Endpoint Central and Secure Gateway Server support TLS version 1.2 by default. However, you have the option to enable the older TLS versions (TLS 1.0 and TLS 1.1) from the Security Settings page.
- **Prior to Endpoint Central version 11.2.2330.1:** Endpoint Central and Secure Gateway Server support TLS versions 1.0, 1.1, and 1.2 by default. However, you have the option to disable the older TLS versions (TLS 1.0 and TLS 1.1) from the Security Settings page.