Selecting a structure for protection of an enterprise

Selection of a structure for protection of an organization is defined by the following factors:

When you select a protection structure, it is recommended first to estimate the available network and hardware resources that can be used for the operation of a centralized protection system.

To analyze the network and hardware infrastructure, it is recommended that you follow the process below:

  1. Define the following settings of the network on which the protection will be deployed:
    • Number of network segments.
    • Speed of communication channels between individual network segments.
    • Number of managed devices in each of the network segments.
    • Throughput of each communication channel that can be allocated to maintain the operation of the protection.
  2. Determine the maximum allowed time for the execution of key administrative operations for all managed devices.
  3. Analyze information from steps 1 and 2, as well as data from load testing of the administration system. Based on the analysis, answer the following questions:
    • Is it possible to serve all the clients with a single Administration Server, or is a hierarchy of Administration Servers required?
    • Which hardware configuration of Administration Servers is required in order to deal with all the clients within the time limits specified in step 2?
    • Is it required to use distribution points to reduce load on communication channels?

Upon obtaining answers to the questions in step 3 above, you can compile a set of allowed structures of the organization's protection.

On the organization's network you can use one of the following standard protection structures:

See also:

Standard configuration of distribution points: Single office

Standard configuration: A few large-scale offices run by their own administrators

Standard configuration: Multiple small remote offices

Page top