Small Single-Site Deployment

sys-arch-small-single-site.png
This single-site deployment scenario supports up to 30,000 Traps agents and consists of the following components:
  • One dedicated database server
  • One ESM Console for managing the security policy and Traps agents
  • Two ESM Servers, one primary and one backup, on the same network segment as the database server and ESM Console
  • One forensic folder accessible by all endpoints for storing real-time forensic details about security events
  • (Recommended) WildFire integration
  • (Optional) Load balancer for distributing traffic across ESM Servers
  • (Optional) External logging platform, such as an SIEM or syslog
In this deployment scenario, a single site contains the database, ESM Console for managing local policies and endpoints, and redundant ESM Servers. In the event that the primary ESM Server is inaccessible, Traps agents connect to the Endpoint Security Manager using the backup server. Both servers obtain the security policy from the database and distribute the policy to the agents.

Related Documentation