There are a few questions the ZENworks Endpoint Security Management administrator needs to consider prior to beginning installation:
The options for policy distribution center around whether users should be able to receive a policy update anywhere, including outside the central network, or if they should receive them only when they are in (or connected via VPN) a secured network. For organizations planning to frequently update their ZENworks Endpoint Security Management security policies, a Multi-Server installation is recommended that places the Policy Distribution Service on a Web server outside the DMZ.
If your organization only has a few servers available, then a Single-Server installation deployment may be necessary. If server availability isn't an issue, then the size of your client deployment and the number of users operating outside the firewall should be taken into consideration.
ZENworks Endpoint Security Management creates three SQL databases at installation. If your deployment is small, you can install the SQL database server on the same server as the Management Service. For larger deployments, a separate SQL database server should be employed to receive the data from the Policy Distribution and Management Services.
The following RDBMS types are allowed:
SQL Server 2005 and 2008 Standard
SQL Server 2005 and 2008 Enterprise
Microsoft SQL Server 2000 SP4
If you are using Microsoft SQL Server 2005 or Microsoft SQL Server 2008, you need to configure your SQL server to support ZENworks Endpoint Security Management. The screenshots in the following procedure are for 2005, but the configuration steps are the same for 2008.
Make sure you have Microsoft SQL Server Management Studio.
Management Studio is included with the Standard and Enterprise editions. If you are using the Express edition (for an evaluation installation), you can download Management Studio Express from the Microsoft Download Center.
Launch Management Studio (
menu > > > ).Right-click your SQL server (TC2K3 in the above screen shot), then click
.Select
, then make sure that Server Authentication is set to .Click
, then exit Management Studio.Launch SQL Server Configuration Manager (
menu > > > > ).Expand theMSSQLSERVER is your server), then make sure that is enabled as shown below.
section, select (whereExpand the SQL Native Client Configuration section, select Client Protocols, then make sure that TCP/IP is enabled as shown below.
Exit SQL Server Configuration Manager.
For disaster recovery and failover designs, you should use enterprise, or otherwise-issued, Certificate Authority (VeriSign, GeoTrust, Thawte, and so forth) SSL certificates for full deployments of ZENworks Endpoint Security Management. When using your own certificates, the Web service certificate and root CA should be created on the machine designated as the Policy Distribution Service, then distributed to the appropriate machines. To create an Enterprise Certificate Authority, see the step-by-step instructions for securely setting up a certificate authority, available at on the Microsoft Web site.
For evaluations or small deployments (fewer than 100 users), you can use ZENworks Endpoint Security Management self-signed certificates. Novell SSL Certificates are installed onto the servers when running the typical installation.
The Endpoint Security Client software can be deployed either individually onto each endpoint or through an MSI push. Instructions on creating an MSI package can be found in Section 8.2, MSI Installation.
Policies can be distributed to a single machine, where every user who logs on receives the same policy, or policies can be set for individual users or groups.
Each installation has several pre-requisites. It is recommended that each check list of prerequisites be complete before running the installation for any component. Please review the lists on the following pages: