How do Endpoint Policy Servers Work?

External Endpoint Policy Servers decrease the load on the Endpoint Security Management Server and reduce the bandwidth required between sites. By default, the Endpoint Security Management Server also acts as an Endpoint Policy Server, alongside any external Endpoint Policy Servers you deploy. Communication with the Endpoint Security clients is distributed among all of them.

The Endpoint Policy Servers are located between the Endpoint Security clients and the Endpoint Security Management Server. For most tasks, Endpoint Security clients communicate with the Endpoint Policy Servers and the Endpoint Policy Servers communicate with the Endpoint Security Management Server.

If there are multiple Endpoint Policy Servers in an environment, each Endpoint Security client analyzes which Endpoint Policy Server is "closest" (the one expected to be fastest to communicate with, not necessarily the geographically nearest) and automatically communicates with that server.

Diagram legend (the topology figure itself is not included here):

  1 - Active Directory Domains

  2 - Endpoint Security Management Server

  3 - External Endpoint Policy Server

  4 - Enterprise workstations with Endpoint Security clients installed

The Endpoint Policy Server handles the most frequent and bandwidth-consuming communication. It answers these requests itself, without forwarding them to the Endpoint Security Management Server:

  • All heartbeat and synchronization requests.

  • Policy downloads.

  • Dynamic (EXE) and Windows Installer (MSI) package downloads.

  • Anti-Malware updates.

  • All Endpoint Security client logs (the Endpoint Policy Server is configured as a Log Server by default, so each Endpoint Policy Server is a place where client logs land).

The Endpoint Policy Server forwards this data to the Endpoint Security Management Server, because it must be stored in the management database:

  • All component-specific messages. For example, Full Disk Encryption recovery data.

  • Monitoring data. This includes the connection state and other monitoring data for connected clients.

  • Messages generated by the Endpoint Policy Server itself.
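The two lists above describe a split: some requests stop at the Endpoint Policy Server, others always reach the Management Server. The following Python model is an added example (not Check Point code and not the client's real selection logic) that encodes that split, stands in for the client's "closest server" analysis with a lowest-round-trip-time rule, and counts how many requests land on the Management Server for a constructed topology with and without external Endpoint Policy Servers. The request names, the daily request mix, the site layout and the RTT values are all assumptions chosen for illustration.

```python
"""Illustrative model of Endpoint Policy Server request routing.

Added example, not Check Point code. It models the division of labour in
the text (what an Endpoint Policy Server answers itself versus what it
forwards to the Endpoint Security Management Server) and uses lowest RTT
as a stand-in for the client's "closest server" choice. All numbers are
constructed; the real client heuristic is not specified on the page.
"""
from collections import Counter
from dataclasses import dataclass, field

# Requests an Endpoint Policy Server answers without forwarding (assumed names).
HANDLED_LOCALLY = frozenset({
    "heartbeat", "sync", "policy_download", "exe_package",
    "msi_package", "anti_malware_update", "client_log",
})
# Requests that must reach the Management Server's database (assumed names).
FORWARDED = frozenset({"component_message", "monitoring", "policy_server_message"})

# Constructed per-client daily request mix, purely illustrative.
DAILY_MIX = {
    "heartbeat": 1440, "sync": 24, "policy_download": 1,
    "anti_malware_update": 4, "client_log": 200,
    "exe_package": 0, "msi_package": 0,
    "component_message": 1, "monitoring": 24, "policy_server_message": 0,
}


@dataclass
class PolicyServer:
    """A Policy Server; the Management Server is one too, named 'management'."""
    name: str
    handled: Counter = field(default_factory=Counter)
    forwarded: Counter = field(default_factory=Counter)

    def handle(self, kind: str, count: int) -> str:
        """Record `count` requests of `kind`; return the server that ultimately serves them."""
        if kind in HANDLED_LOCALLY:
            self.handled[kind] += count
            return self.name
        if kind in FORWARDED:
            self.forwarded[kind] += count
            return "management"          # forwarded to the Management Server
        raise ValueError(f"unknown request type {kind!r}")


def closest(rtts_ms: dict[str, float]) -> str:
    """Stand-in for the client's analysis: the reachable server with the lowest RTT."""
    return min(rtts_ms, key=rtts_ms.get)


def simulate(servers: list[PolicyServer], client_rtts: list[dict[str, float]]) -> Counter:
    """Count, per server name, the requests it ultimately serves in one modelled day."""
    by_name = {s.name: s for s in servers}
    load: Counter = Counter()
    for rtts in client_rtts:
        server = by_name[closest(rtts)]
        for kind, count in DAILY_MIX.items():
            load[server.handle(kind, count)] += count
    return load


def scenario(external_sites: bool) -> Counter:
    """Constructed topology: 100 clients at HQ plus 100 at each of two remote sites.

    With external_sites=True each remote site gets its own Endpoint Policy Server
    (3 ms away) in addition to the Management Server at HQ (60 ms away).
    """
    servers = [PolicyServer("management")]
    client_rtts = []
    for site in ("hq", "site1", "site2"):
        for _ in range(100):
            rtts = {"management": 2.0 if site == "hq" else 60.0}
            if external_sites and site != "hq":
                rtts[f"ps-{site}"] = 3.0
            client_rtts.append(rtts)
    if external_sites:
        servers += [PolicyServer("ps-site1"), PolicyServer("ps-site2")]
    return simulate(servers, client_rtts)


if __name__ == "__main__":
    for label, flag in (("Management Server only", False), ("with external Policy Servers", True)):
        load = scenario(flag)
        print(f"{label}: {dict(load)}")
```

Running the two scenarios shows what the page states in prose: with external Endpoint Policy Servers, only the forwarded categories (component messages and monitoring data) from remote-site clients still reach the Management Server, while heartbeats, policy and package downloads, Anti-Malware updates and client logs stay at the site's own Endpoint Policy Server.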