Novell® ZENworks® Endpoint Security Management consists of four high-level functional components: the Policy Distribution Service, the Management Service, the Management Console, and the Endpoint Security Client. The figure below shows these components in the architecture:
Figure 1-1 ZENworks Endpoint Security Management Architecture
The Endpoint Security Client is responsible for enforcement of the distributed security policies on the endpoint system. When the Endpoint Security Client is installed on all enterprise PCs, these endpoints can now travel outside the corporate perimeter and maintain their security; endpoints inside the perimeter receive additional security checks within the perimeter firewall.
The following components are installed on servers that are secured inside the corporate perimeter:
Policy Distribution Service: Responsible for the distribution of security policies to the Endpoint Security Client and retrieval of reporting data from the Endpoint Security Client. The Policy Distribution Service can be deployed in the DMZ, outside the enterprise firewall, to ensure regular policy updates for mobile endpoints.
Management Service: Responsible for user policy assignment and component authentication, reporting data retrieval, creation and dissemination of ZENworks Endpoint Security Management reports, and security policy creation and storage.
Management Console: The visible user interface, which runs directly on the server hosting the Management Service or on a workstation residing inside the corporate firewall with connection to the Management Service server. The Management Console is used to both configure the Management Service and to create and manage user and group security policies. Policies are created, copied, edited, disseminated, and deleted using the Management Console.