Super-Node

What is a Super Node?

A Super Node is a Windows device running a specially configured Endpoint Security Client with server-like and proxy capabilities. It functions as a light-weight proxy (based on NGINX) that helps reduce bandwidth consumption and supports offline updates, so that only the Super Node requires direct connectivity to the update servers.

By default, a Super Node listens on TCP port 4434 and TCP port 3128 (proxy mode) for client connections. Endpoint clients also use TCP port 4436 (HTTPS) for Super Node proximity calculations.

Note - Ensure ports 4434 and 4436 are allowed between endpoints and the Super Node under the same firewall rules. If port 4436 is blocked, the Super Node cannot perform proximity calculations.

Primary Advantages:

Reduces site bandwidth usage.
Reduces server workload.
Reduces customer expense on server equipment, as there is no need for a local appliance.
Improved scale.

Note - Super-Node is available in both Domain and Workgroup environments.

A Super Node is a Windows device running a specially configured Endpoint Security Client that also consists of server-like and proxy-like capabilities, and which listens on port 4434 and port 3128 to proxy by default. Super Node is a light-weight proxy (based on NGNIX) that allows admins to reduce their bandwidth consumption and enable offline updates, where only the Super Node needs connectivity to the update servers.

Super Node Workflow

When a device is assigned as a super node and has the supported blades installed, it downloads signatures from the sources defined in the policy and stores a local copy. This local copy serves as the signature source for other Endpoint Security Clients.

When an Endpoint Security Client initiates an update, it follows this process:

The Endpoint Security client checks for the latest signatures from a randomly selected super node listed in the Client Settings > General policy.
If the update fails with the chosen super node, the Endpoint Security client attempts the update with another super node in the list.
If the update fails with all the super nodes listed in the General Client Settings policy, the Endpoint Security client will update directly from the sources specified in the policy.

Primary Advantages:

Reduces site bandwidth usage.
Reduces server workload.
Reduces customer expense on server equipment, as there is no need for a local appliance.
Improved scale.

Notes -

Super Node is available in both Domain and Work group environments.
If the Endpoint Security client configured as a super node is of a lower version than its connection clients, the super node will return a 404 error response when a connection client tries to download the policy signatures. In this case the connection client downloads the signatures from the fallback location.
Super Node is supported for macOS through a Windows Super Node (preferred), or via a macOS machine for Anti-Malware A component of the Endpoint Security client that protects against known and unknown viruses, worms, Trojan horses, adware, and keystroke loggers. only.
Super Node is now supported on Endpoint Security Clients for Linux, starting from version 1.22.12.

Supported Features

Endpoint Security Client Version

Features Supported

E85.30 and higher

Downloading the software upgrades for Windows installer (MSI) packages from the super nodes.

Super node tries to cache the requested files in the local folder.

Note - The files are cached based on the available free space in the super node device and the cache size configured.

E85.40 and higher

Downloading the software upgrades for Dynamic (EXE) packages from super nodes.
Downloading Behavioral-Guard & Static Analysis signature updates from super nodes.

E86.10 and higher

Downloading client policies and policy changes from super nodes.

E87.00 and higher

Endpoint Security Client for macOS and can be configured to create a local mirror of the Anti-Malware signatures which can be used as a signature source for other Endpoint Security clients for macOS.

E88.70 and higher

Super node proxies are supported for offline environment.

Limitations

By default, the cache max size is 4 GB and will automatically purge files after 7 days of inactivity. Files stored for a longer time without access are removed from cache.
Super Node requires approximately 350 MB of additional space to operate properly.

To configure a Super Node through the toolbar:

For Management Servers supporting Manage Super Nodes capability:

Go to Policy > Client Settings.
Configure the Super Node:
1. From the toolbar, click Manage Super Nodes.The Manage Super Nodes page will be displayed.
2. Click the + icon.
3. Select the required devices and click Add.
  
  You can use the search bar to find the required device(s).
  
  The system creates a widget for each device selected as a super node.
4. Click Save.

Apply the super node to the required policy.

Select the relevant policy (Policy > Client Settings).
In the Capabilities & Exclusions pane, go to the General tab.
Scroll down to the Super Nodes section and click the + icon.
Select the devices you want to assign as super nodes and click Add.

Click Save & Install.

Note - The system applies the selected super nodes only to the devices (users) selected in the policy.