Novell Doc: ZENworks Endpoint Security Management 4.1 Installation Guide

1.3 Standard System Architecture

ZENworks Endpoint Security Management consists of four primary components: the Management Service, the Policy Distribution Service, the Management Console, and the Security Client. These components combine with a directory service and an SQL database engine to form the standard system architecture.

Management Service: The central service for the Endpoint Security Management system. The Management Service interoperates with the other components to perform the following functions:

Connects to the directory service to retrieve user, computer, and credential data. The user and computer data is used to assign policies to users and computers. The credential data is used to authenticate users or computers to the system so that they can receive their assigned policies. The Management Service retrieves the data from the directory service and stores it in the system’s Management and Policy databases.
Enables the Management Console to store created policies and policy assignments in the Management and Policy databases.
Transfers compliance reporting data from the Policy Distribution Service and stores the data in the Reporting database.
Transfers security policies to the Policy Distribution Service for distribution to the Security Client.
Authenticate the Security Client (as users or computers) to the system.

Management Console: The administrative interface used to create security policies and assign them to users or computers.

Policy Distribution Service: Receives security policies from the Management Service and distributes them to the Security Client. Retrieves reporting data from the client and stores it until the Management Service transfers it to the Reporting database.

Security Client: Receives security policies from the Policy Distribution Service and enforces the policies on the device. Transfers compliance reporting data to the Policy Distribution Service.

Directory Service: Provides the user, computer, and credential data used by the Endpoint Security Management system. The Management Service uses read-only access to the directory to populate the Management database with the data required to assign security policies to users or computers and to authenticate the users or computers to the system. Microsoft^* Active Directory^* and Novell eDirectory are the supported directory services.

SQL Database Engine: Provides the engine for the three SQL databases (Management database, Policy database, and Reporting database) used with ZENworks Endpoint Security Management.