Issue
In large-scale enterprise environments, managing all endpoints through a single centralized management console can become unwieldy and inefficient. To address this, Padvish provides a hierarchical architecture using a Master/Slave model. This architecture enables distributed management by allowing regional or departmental servers (Slave Consoles) to operate semi-independently while still being connected to a central management server (Master Console).
Solution
Connection Scenarios
Padvish offers flexible connection scenarios to meet the varying needs of different enterprise environments. These scenarios are categorized into three main models:
Feature | First Scenario (Full Management) | Second Scenario (Limited Management) | Third Scenario (Update Only) |
Receive updates | ✅ | ✅ | ✅ |
License Distribution | ✅ | ✅ | ❎ |
Aggregated Reporting | ✅ | ✅ | ❎ |
Synced Group | ✅ | ✅ | ❎ |
Full control of the slave console | ✅ | ❎ | ❎ |
Communication requirements | Bi-directional: TCP 13911 | One-way: TCP 13911 (Slave → Master) | TCP 445 (Slave → Master) |
Communication Security | TLS Encryption & Authentication | Encryption and authentication with the standard TLS protocol | According to the standard Windows settings |
1️⃣ Scenario 1 (All features)
The first scenario involves a fully connected Master/Slave hierarchical structure. Communication between the Master and Slave servers via port 13911 is essential.
Note 2: Port 13911 is the default but can be modified in the Padvish management console.
🔶Features of Scenario 1
- Receive Updates: The Slave server receives antivirus update files from the Master server. This can be customized in the settings.
- License Distribution: The Master server can assign its license or a portion of it to the Slave server. This is managed by the Master server administrator.
- Aggregated Reporting: The Master server can generate customized and statistical reports for all its downstream subsystems.
- Full Control of the Slave Console: The Master server can view the status of clients, modify settings and policies, and perform all tasks that can be done via the console on Slave servers.
- Synced Group Management: Using the “Synced Groups” feature under the Managed Computers section in the Padvish management server, you can create groups on the Master server and propagate their settings to all Slave servers in your structure. This enables centralized management of configurations, such as policies for servers or clients, across the entire hierarchy.
The Master administrator can grant certain users limited access to specific sections, such as reports or settings. All access is logged, and each Slave console can have its own administrator with full control over that console.
🔶Implementation Method
To implement this solution, log into the console designated as the Slave, then navigate to Change Server Settings > Server Hierarchy and configure the Master server information.
All features will be activated:
- Updates will be distributed by the upstream server by default.
- In License Management, the “Change Distribution” option enables license distribution.
- In the Custom Reports section, select “Generate report for slave servers” on the Advanced tab to receive consolidated reports.
- Full control can be exercised by selecting the Slave Servers option and choosing the desired console.
- To restrict access to downstream console users, use Manage Users > Edit User > Custom Rights to assign limited permissions.
- If you use the Master/Slave method, note that Padvish Management Server version 1.14 and later adds a feature called Synced Groups under the Managed Computers option. With it, you can create groups on the Master server, send their settings to all the Slaves in your tree structure, and manage all configurations from one place. This makes it possible to define a specific policy (for example, for servers/clients/…) across the entire tree structure.
Connection Direction | Port |
Slave server to master server | Port 13911 |
Master server to Slave server | Port 13911 |
Clients to their own PMS | Port 13911 |
2️⃣ Scenario 2: Remote Monitoring (Master/Slave)
The second scenario allows the upstream console administrator to monitor downstream consoles and distribute licenses, but without full control. Communication via port 13911 is only required from the Slave server to the Master server.
Note 2: Port 13911 is the default but can be changed in the Padvish management console.
🔶Features of Scenario 2
In this scenario all of these features are available:
- Receive Updates: The downstream server (Slave) receives antivirus updates from the upstream server (Master), which can be configured in the settings.
- License Distribution: The upstream server can assign a license or part of it to the downstream server, managed by the upstream server administrator.
- Aggregated Reporting: The upstream server can generate custom and statistical reports for its downstream subsystems.
- Synced Group Management: Using the “Synced Groups” feature under the Managed Computers section, you can create groups on the master server and propagate their settings to all downstream servers in your hierarchy, centralizing configuration management.
- No Full Control of Downstream Console: The upstream server does not have full control over the downstream console; its access is limited to the features listed above.
🔶Implementation Method
- Follow the same steps as Scenario 1 to set up the Master/Slave connection. The difference in this scenario is that the upstream server does not require access to the downstream server’s port 13911. Simply block inbound connections on port 13911 on the downstream server to prevent reverse communication.
- All features will be enabled, except for full control over the downstream console.
Connection Direction | Port |
Slave server to master server | Port 13911 |
Clients to their own PMS | Port 13911 |
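The Scenario 2 block has to be scoped to the Master, because the Slave's own clients still connect to it on port 13911. The following is an added example (not Padvish's own tooling) of one way to do that with Windows Firewall on the Slave server. The IP address and subnet are constructed placeholders.

```powershell
# Added example: run on the Slave (downstream) server in an elevated session.
# All addresses are constructed placeholders (assumptions, not from the article).
$MasterIp      = '192.0.2.10'          # Master console address
$ClientSubnets = @('198.51.100.0/24')  # endpoints managed by this Slave
$PmsPort       = 13911                 # Padvish default; adjust if changed in the console

# Managed clients must keep reaching their own PMS on this port.
New-NetFirewallRule -DisplayName 'PMS - allow managed clients' `
    -Direction Inbound -Action Allow -Protocol TCP `
    -LocalPort $PmsPort -RemoteAddress $ClientSubnets | Out-Null

# Block only the Master. In Windows Firewall a matching block rule overrides
# any allow rule, including a broad one that may already exist for the port.
New-NetFirewallRule -DisplayName 'PMS - block Master reverse channel' `
    -Direction Inbound -Action Block -Protocol TCP `
    -LocalPort $PmsPort -RemoteAddress $MasterIp | Out-Null

# Review every enabled inbound rule that names the port, with its remote scope.
Get-NetFirewallPortFilter -Protocol TCP |
    Where-Object { $_.LocalPort -contains "$PmsPort" } |
    Get-NetFirewallRule |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Enabled -eq 'True' } |
    Select-Object DisplayName, Action,
        @{ n = 'RemoteAddress'; e = { ($_ | Get-NetFirewallAddressFilter).RemoteAddress } }

# The Slave -> Master direction must still work for updates, licenses and reports.
Test-NetConnection -ComputerName $MasterIp -Port $PmsPort |
    Select-Object ComputerName, RemotePort, TcpTestSucceeded
```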
3️⃣ Scenario 3: Update Only
This solution does not follow the Master/Slave hierarchical model. Instead, the Padvish management servers share antivirus updates via a shared folder. There is no centralized control over servers, and each server simply pulls the latest update from a shared location.
🔶Features of Scenario 3
- Receive Updates: The server downloads the update file from the shared folder location set up by another server.
- No License Distribution
- No Aggregated Reporting
- No Full Control of Downstream Console
🔶Implementation Method
By default, the Padvish management server creates a shared folder called PadvishUpdate and places its latest update file in it.
To enable automatic updates from this shared folder, navigate to Change Server Settings > Server Update Settings, and enter the shared folder path of the destination server.
Note 2: In this solution, port 13911 is not required. However, port 445 on the destination server must be open to allow the receiving server to access the shared folder. Ensure security measures are followed by restricting unnecessary access and disabling remote file or service execution in the Windows firewall on the destination server.
Connection Direction | Port |
Slave server to Master server | Port 445 |
Clients to their own PMS | Port 13911 |
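Because Scenario 3 relies on standard Windows settings for communication security, the server hosting the share is where access has to be narrowed. The following is an added example (not Padvish's own tooling) that limits inbound TCP 445 to the receiving servers, checks that the PadvishUpdate share grants nothing beyond Read, and shows the SMB server settings in effect. The receiver addresses are constructed placeholders, and the example assumes the server exposes no other SMB shares that remote hosts need.

```powershell
# Added example: run on the server that hosts the PadvishUpdate share, elevated.
# Assumption: no other SMB shares on this server are needed by remote hosts.
$Receivers = @('192.0.2.21', '192.0.2.22')   # constructed placeholders: servers pulling updates
$ShareName = 'PadvishUpdate'

# Narrow every enabled inbound allow rule for TCP 445 to the receiving servers.
Get-NetFirewallPortFilter -Protocol TCP |
    Where-Object { $_.LocalPort -contains '445' } |
    Get-NetFirewallRule |
    Where-Object { $_.Direction -eq 'Inbound' -and $_.Action -eq 'Allow' -and
                   $_.Enabled -eq 'True' } |
    Set-NetFirewallRule -RemoteAddress $Receivers

# Receivers only read the update file: list share ACL entries that grant more.
$excess = Get-SmbShareAccess -Name $ShareName |
    Where-Object { $_.AccessControlType -eq 'Allow' -and $_.AccessRight -ne 'Read' }
if ($excess) {
    Write-Warning "Share '$ShareName' grants more than Read:"
    $excess | Format-Table AccountName, AccessRight -AutoSize
} else {
    "Share '$ShareName' is read-only at the share level."
}

# Transport security here is whatever the Windows SMB server is configured for.
Get-SmbServerConfiguration |
    Select-Object EnableSMB1Protocol, RequireSecuritySignature, EncryptData
```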