Overview & Architecture

 

Multi-tenant architecture (Summary Server) for enterprises with more than 25000 endpoints

If you have not downloaded the summary server installable yet, fill out this form to receive the download link.

Please enter a valid email. Please enter a email.
By clicking 'Get Download link', you agree to the processing of personal data according to the Privacy Policy.

Table of Contents:

  1. Overview
  2. Architecture
  3. Components
  4. System Requirements

Check this guide to start your Summary Server and Probe Server setup.


Overview

Endpoint Central's Summary Server can manage endpoints with higher degree of visibility and scalability. This web based application helps IT admins to manage endpoints across globe with a user-centric dashboard. Summary Server is coupled with Probe Servers to achieve these factors. Here is a detailed guide on how Summary Server aids in scalable endpoint management for enterprise.

Architecture

This section explains the following

  • Architecture
  • Components
  • Secure communication between agent and server

Endpoint Central Summary Server


Components

Endpoint Central Summary Server:
The Summary Server is a real-time data driven dashboard made available for the executives of an enterprise. All the Probe Servers will report to Summary Server reguarly to post the endpoint management reports. This server can be accessed through a web console, which will require authentication. A separate set of users can be created to access this server. Summary Server will communicate only with the Probe Server. It is advisable to have your server turned on without fail to achieve maximum efficiency in monitoring and managing the endpoints.

Endpoint Central Probe Server:
Probe servers are standalone Endpoint Central Servers that manage devices in the business network. IT technicians can create and deploy the policies from this server. In this architecture, multiple Probe Servers can be installed in the enterprise network and maintain a degree of autonomy while managing the endpoints. Every Probe Server will have a set of technicians and admins to manage endpoints under that Probe Server. A Probe Server will communicate with Summary Server and Endpoint Central Agents. The Probe Server contacts Summary Server to post the data on a regular basis and contacts Endpoint Central agents to execute the deployments triggered. Probe Servers can be installed with Secure Gateway Server to manage roaming users securely.

Web Console:
The Web console component is used to access the Server from a remote location using the internet or VPN. A dedicated web console is available for Summary Server as well as Probe Server(s).

Endpoint Central Agent:
Endpoint Central agent is a lightweight software installed on the devices which are to be managed by the Endpoint Central. The agent is used to execute tasks like:

Software distribution and filtering
Applying patches (manual/automatic)
IT Asset Management, and generating reports and more.

For instance, if the admin wants to show a popup message to a specific user/computer, then these settings are configured in the Probe server and the details are replicated to the agent, thereby executing the task successfully.
The agent will contact the respective Probe Server following the agent refresh policy to execute the deployed tasks.

Agent Server communication takes place during:

  • User logon
  • Device Logon
  • 90 minutes refresh policy

For User-specific Configuration:
The agent contacts the Server during

  • User logon
  • 90 minutes refresh policy

For Computer-Specific Configuration:
The Agent contacts the server during

  • System logon
  • 90 minutes refresh policy

Active Directory:
Endpoint Central is a domain based approach. Therefore, it can be synced with an Active directory/Workgroup to fetch the resource information.

Patch Database:

Patch database is a repository hosted on ManageEngine website. This database will transfer the patch information for the devices managed under the Endpoint Central scope. Endpoint Central server communicates with the patch database through the internet or VPN.

Securing Agent Server Communication
The communication across this architecture will take place in https mode only.


System Requirements:
Find the below list of system requirements for this architecture:

  • Summary Server is capable of managing minimum of 100k endpoints.
  • Each Probe Server can manage between 25k and 30k endpoints.
  • Ports Used by Summary Server and Probe Server
  • Hardware requirements for Summary Server, Probe Server, Distribution Server, Endpoint Central agent, Secure Gateway Server and SQL Server.
  • Network requirements such as internet speed.
  • Supported Operating systems for Summary Server, Probe Server, Distribution Server, Endpoint Central agent, Secure Gateway Server and SQL Server.
  • Supported Browsers, Database, and Web Servers.

Ports Used by Summary Server

 

Port Purpose Type Connection
8383 For accessing Web console HTTPS In bound to server
8443 For Sharing Remote Desktops, System Manager, Chat and File Transfer. HTTPS/UDP In bound to server

Ports Used by Probe Server
To know the ports used by Probe Server, please visit this page.

Hardware requirements:
This section lists the hardware specifications for Summary Server, Probe Server and Distribution Servers:

Summary Server

Server Parameter Requirement
Endpoint Central Server Processor information Physical Machine: Intel Xeon (16 core/32 thread) 3.0 GHz
Virtual Machine: 32 virtual processors (3.0 Ghz)
RAM size 32 GB
Hard disk space 500 GB*
Network requirement Network card speed Minimum 1 GBPS Network Interface Card (NIC)
SQL Server Processor information Physical Machine: Intel Xeon (16 core/32 thread) 3.0 GHz 30 MB cache
Virtual Machine: 32 virtual processors (3.0 GHz 30 MB cache)
RAM size 64 GB
Hard disk space 1 TB*
Edition Standard/Enterprise

* May increase dynamically according to the frequency of scanning

** May increase dynamically depending on the operations performed on the client computer

Probe Server

Server Parameter Requirement
Endpoint Central Server Processor information Physical Machine: Intel Xeon (16 core/32 thread) 3.0 GHz
Virtual Machine: 32 virtual processors (3.0 Ghz)
RAM size 32 GB
Hard disk space 500 GB*
Endpoint Central Agents Processor Intel Pentium
Processor Speed 1.0 GHz
RAM size 512 MB
Hard disk space 30 GB**
Network requirement Network card speed Minimum 1 GBPS Network Interface Card (NIC)
SQL Server Processor information Physical Machine: Intel Xeon (20 core/40 thread) 3.6 GHz 50 MB cache
Virtual Machine:40 virtual processors 3.6 GHz 50 MB cache
RAM size 64 GB
Hard disk space 1 TB*
Edition Standard/Enterprise

* May increase dynamically according to the frequency of scanning

** May Increase dynamically depending on the operations performed on the client computer

Distribution Server

The hardware requirements for distribution servers include the following:

No. of Computers Managed Using the Distribution Server Processor Information RAM Size Hard Disk Space
1 to 500 Physical Machine: Intel Core i3 (2 core/4 thread) 2.0 Ghz 3 MB cache
Virtual Machine: 4 virtual processors (2.0 Ghz 3 MB cache)
4 GB 6 GB*
501 to 1000 Physical Machine: Intel Core i3 (2 core/4 thread) 2.9 Ghz 3 MB cache
Virtual Machine: 4 virtual processors (2.9 Ghz 3 MB cache)
4 GB 12 GB*
1001 to 3000 Physical Machine: Intel Core i5 (4 core/8 thread) 2.3 GHz
Virtual Machine: 8 virtual processors (2.3 Ghz)
8 GB 16 GB*
3001 to 5000 Physical Machine: Intel Core i5 (6 core/12 thread) 3.2 GHz
Virtual Machine: 12 virtual processors (3.2 Ghz)
8 GB 20 GB*

* May increase depending on the number of software applications and patches that are deployed

Note : It is highly recommended to install Distribution Server for every 1000 computers.

Note:In the installed physical/virtual machine, kindly ensure that the mentioned hardware requirements is available exclusively for the Endpoint Central server instance.

Software Requirements

This section gives you information about the software requirements for Endpoint Central Server, Agent and Distribution Server.

Supported Operating System

For Endpoint Central Server & Distribution Servers

 
You can install Endpoint Central Server & Distribution Servers on any of these Windows operating system versions:
  • Windows 7 (supported for Distribution Server only)
  • Windows 8 (supported for Distribution Server only)
  • Windows 8.1 (supported for Distribution Server only)
  • Windows 10
  • Windows 11
  • Windows Server 2008* (supported for Distribution Server only)
  • Windows Server 2008 R2* (supported for Distribution Server only)
  • Windows Server 2012*
  • Windows Server 2012 R2*
  • Windows Server 2016*
  • Windows Server 2019*
  • Windows Server 2022*

* - recommended for managing 5000 or more endpoints.

For Endpoint Central Agents

 
You can use Endpoint Central to manage the computers running on the below mentioned operating system.

For Managing Mobile Devices

  • Android: Android devices running on version 4.0 or above
  • iOS (incl. iPhone, iPad and iPod): iOS devices running on version 4.0 or above
  • Windows Smartphones: Devices running on version Windows Phone 8.1 or above
  • Windows laptops (incl. Surface Hubs and Surface Pros): Devices running on Windows 10
  • Chrome OS: Devices running on version 57.0 or later
  • tvOS: Devices running on version 7.0 or above
  • macOS: Devices running on version 10.11 or later
Supported Browsers

    You are required to install any of the following browsers on your computer to access the Endpoint Central console:

  • Microsoft Edge
  • Mozilla Firefox
  • Google Chrome
  • Zoho Ulaa

Note: The screen resolution should be 1280 x 1024 pixels or higher.

Supported Database

    Endpoint Central supports the following databases:

  • PGSQL
  • MSSQL
    • SQL Server 2022
    • SQL Server 2019
    • SQL Server 2017
    • SQL Server 2016
    • SQL Server 2014
    • SQL Server 2012
    • SQL Server 2008

Note: Endpoint Central supports the aforementioned SQL Server versions in AWS as well.

Supported WebServers

    Endpoint Central uses the following web servers:

  • Nginx(for static file services)
  • Tomcat (for application related services)
Supported TLS Versions
  • From Endpoint Central version 11.2.2330.1:Endpoint Central and Secure Gateway Server support TLS version 1.2 by default. However, you have the option to enable the older TLS versions (TLS 1.0 and TLS 1.1) from the Security Settings page.
  • Prior to Endpoint Central version 11.2.2330.1:Endpoint Central and Secure Gateway Server support TLS versions 1.0, 1.1, and 1.2 by default. However, you have the option to disable the older TLS versions (TLS 1.0 and TLS 1.1) from the Security Settings page.