This section provides an overview of the SafeGuard Enterprise components and explains how they interact.
A Microsoft SQL database stores information about the clients (endpoints) on the company network. The Master Security Officer (MSO) uses the SafeGuard Management Center to manage the database contents and to create new security instructions (policies).
The endpoints read the policies from the database and report to the database. The communication between the database and the endpoints is maintained by an Internet Information Services (IIS) based web server which has the SafeGuard Enterprise Server installed on it.
The table below describes the individual components:
|SafeGuard Enterprise Database(s) based on Microsoft SQL Server Database||The SafeGuard Enterprise Database(s) hold all relevant data such as keys/certificates, information about users and computers, events and policy settings. The database(s) need to be accessed by the SafeGuard Enterprise Server and by only one security officer through the SafeGuard Management Center, usually the Master Security Officer. The SafeGuard Enterprise Database(s) can be generated and configured using a wizard or scripts.|
|SafeGuard Enterprise Server on IIS based web server||SafeGuard Enterprise Server runs as an application on a Microsoft Internet
Information Services (IIS) based web server and enables
communication between the SafeGuard Enterprise database and the
SafeGuard Enterprise endpoint. On request, the SafeGuard Enterprise
Server sends policy settings to the endpoints. It requires .NET
Framework 4.5 and ASP.NET 4.5.
When choosing SSL as transport encryption method for the client-server communication, the Basic Authentication role needs to be installed.
|SafeGuard Management Center on administrator computer||Central management tool for SafeGuard Enterprise protected endpoints, used for managing keys and certificates, users and computers, and for creating SafeGuard Enterprise policies. The SafeGuard Management Center communicates with the SafeGuard Enterprise Database. .NET Framework 4.5 is required.|
|Directory Services (optional)||Import of an Active Directory. It holds the company's organizational structure with users and computers.|
|SafeGuard Enterprise encryption software on endpoints||Encryption software for data encryption and secure authentication. SafeGuard Enterprise protected endpoints can either be connected to a SafeGuard Enterprise Server (managed) or not connected to a SafeGuard Enterprise Server at all (unmanaged). Managed endpoints receive their policies directly from the SafeGuard Enterprise Server. Unmanaged endpoints receive their policies inside configuration packages that can be deployed using third-party distribution mechanisms.|