Ivanti Endpoint Manager 2017 Architecture - Overview

Version 15

    Verified Product Versions

    LANDESK Management Suite 9.6LANDESK Management Suite 2016.xLANDESK Endpoint Manager 2017.x

    Applies to Ivanti Endpoint Manager 2017 (The information here may also generally apply to other versions of Ivanti Endpoint Mananger. Verify before planning any architecture)

     

    Ivanti Endpoint Manager, Endpoint Security for Endpoint Manager and Patch for Endpoint Manager provide essential IT services to many organizations from simple "kiosk" machines to the CEO's laptop; from mission-critical servers to smartphones. It is often a keystone to many services provided by the IT department. Because of this, it is important that Ivanti perform well and be able to accomplish the tasks the each organization needs to get done in a manner that they can plan for and expect. Ivanti Software is constantly working to make sure that we can deliver a product that can do all of this for our customers. A critical component in the overall solution is the architecting of the Ivanti "environment". The servers, equipment and software that provide various services or functionality key to a smooth running Ivanti solution. When architected properly things go much smoother and you avoid the headaches that can come when every task requires careful consideration to not upset the balance that is just barely holding together.

     

    Ivanti Architecture

    There are several distinct services or functionalities that may be required or used with Ivanti Endpoint Manager. These can include some or all of the following:

    • Ivanti Core Server
      • This server includes IIS which provides many key web services
    • Database Server (MS SQL)
    • Ivanti Cloud Services Appliance (CSA)
    • Remote Management Console
    • Preferred Servers
    • PXE Representatives

    There are other services or servers that can be used depending on the requirements, such as a Terminal Server to allow access to the Remote Management Console or a dedicated reporting server for custom reports and so forth.

     

    Considerations for Upgrade and Install

    When upgrading or installing Ivanti, the demands on the system may be higher than during normal use. This can be due to increased activity that can occur during an upgrade. For example, installing a new agent may cause that device to perform several scans to ensure it is up-to-date. Additionally adoption of new features can lead to increased load on the system, so an environment that was meeting expectations before, may begin to not meet expectations as the demand or feature adoption increases.

     

    Software Requirements

    Core Server

    The Ivanti Endpoint Manager Core Server is now fully 64-bit, so it cannot be run on any 32-bit systems.

    • Microsoft Windows Server 2012 R2 with Update 1, 64-bit
    • Microsoft Windows Server 2016, 64-bit

    The install language of the Microsoft Windows Server should match the Ivanti install language and the language of all Remote Consoles.

    Important: Upgrading the Core Server Operating System over an existing Windows installation is not supported. A "clean" installation is required

     

    Database Server

    The following database systems are supported:

    Microsoft SQL Server
    • Microsoft SQL Server 2012 Express (Free to use, but limited)
    • Microsoft SQL Server 2012 Standard/Enterprise
    • Microsoft SQL Server 2014 Standard/Enterprise
    • Microsoft SQL Server 2016 Express/Standard/Enterprise

    Ivanti has not performed testing with Microsoft SQL Server on Linux. Initial examination seems to indicate that it should work, as it provides the general SQL functionality necessary, however customers should use it at their own risk until further notice. Ivanti welcomes feedback from customers with experience or need to run Ivanti Endpoint Manager using MSSQL on Linux.

    Important Note: Microsoft SQL Express editions are severely limited in CPU usage, memory usage and total database size. This can cause performance problems and even complete failure if those limits are exceeded. It should only be used in very small environments or test labs.

     

     

    Oracle 11g

    Oracle is not a supported database server for Endpoint Manager 2017

     

    Remote Console

    The Ivanti Managment Console is installed as part of the Core Server installation. Additional Remote Consoles can be installed as well to provide access to the Ivanti Manager/Endpoint Security tools and features. For Ivanti Endpoint Manager 2017, the Remote Console can only be installed and run on 64-bit systems.

    Supported Operating Systems:
    • Windows 7 Professional, Business, Enterprise and Ultimate Editions x64
    • Windows 8.1 x64
    • Windows 10 x64
    • Windows Server 2008 R2 SP1
    • Windows Server 2012 x64
    • Windows Server 2012 R2 x64
    • Windows Server 2016 x64

     

    Supported Platforms

    For additional information on supported client platforms see: Supported Platforms and Compatibility Matrix for LANDESK Management Suite

    Hardware Recommendations

     

    Generic Guidelines

    The following are some generic guidelines to get started. More details based on environment size listed below.

    ProcessorsMemoryStorageNIC
    • Processors should include HyperThreading or similar technology
    • All processors counts below assume the processors have HyperThreading or similar technology
    • Recommend 2MB per managed device on the database. 10k nodes would mean 20GB RAM
    • Core Server should have 6 - 10 GB. More depending on use or configuration
    • For optimal performance, the Database server should have enough memory (RAM) to cache the Ivanti database in memory.
    • On-box storage is recommended for optimal performance
    • Use RAID arrays for redundance and speed on both Core and Database
    • Make sure there are enough disks in the array
    • Ivanti recommends that there be physical separation of the database array when using shared storage
    • Any storage technology should be able to deliver 300 - 500 KBPS burstable per 1000 nodes
      • Example: 8k nodes should have 2400 - 4000 KBPS burstable
    • Disk I/O is the top bottleneck for database performance when using Ivanti, so optimization of disk I/O is highly recommended.
    • Recommend 2 - 5MB per managed device on the database. When fully utilizing Data Analytics and other features, usage can climb to 10MB or more per node
    • The Core Server should only have a single IP address
    • Multiple NICs are only supported when configured with a single IP address.
    • Gigabit or better NICs recommended

     

    Virtualization Considerations

    Ivanti Endpoint Manager can be run in physical or virtual environments. Ivanti Software does not certify any virtualization platform or hypervisor, nor any specific hardware vendor for the Core Server as the software does not interact at a such a low level. Virtualization of the Core Server, and other components is supported on-premise, co-located or in a private cloud, assuming all requirements are met. For co-located and private cloud installations, it is important to ensure that the network configuration allows for all necessary communications between the Core and other systems.

     

    Special consideration should be given to virtualized systems in regard to CPU Cores. Most hypervisors present a single hyperthreaded CPU as 2 separate CPU cores to guest operating systems. This can lead to confusion as a single hyperthreaded CPU core does not provide the same performance as two separate CPU cores. This can lead to performance bottlenecks as well as licensing complications for supporting software, such as Microsoft Windows and SQL. It is advised to check with an appropriate licensing specialist to ensure systems are licensed appropriately and costs are optimized to the best outcomes. Ivanti Endpoint Manager is licensed based on endpoint devices and/or users, and does not have any CPU licensing restrictions.

    Discovery Services and Elasticsearch

    Ivanti is constantly innovating and introducing new functionality to our customers. Discovery Services is a new and developing functionality intended to help customers better understand their environment and changes that may occur in the environment. Discovery Service is currently a beta product and not recommended for general production use. Discovery Services uses Elasticsearch as a backend data store. A basic installation is included with the install of Ivanti Endpoint Manager 2017 and can provide limited functionality. This document does not include information about Elasticseach architecture or sizing. Customers should contact Ivanti Support for additional information if using Discovery Services in production, or using Concorde solutions with Ivanti Endpoint Manager.

     

    Additional Guidelines by Environment Size

     

    Up to 750 Devices

    All Ivanti Services on a single server
    • Dual-core, 64-bit processor
    • 6GB RAM
    • 100/1000 Mb Network Adapter
    • 100 GB of free disk space on 10K RPM or faster drives or arrays.
      • Drive/Array configuration
        • One drive or array for the operating system, Ivanti Endpoint Manager application and database application
        • One drive or array for the database and database logs

     

    750 to 1,500 Devices

    All Ivanti Services on a single server
    • Quad-core, 64-bit processor. (Preferably two physical quad-core processors)
    • 8+ GB RAM
    • 100/1000 Mb Network Adapter
    • 100 GB of free disk space on 10K RPM of faster drives or arrays
      • Drive/Array configuration
        • One drive or array for the operating system, Ivanti Endpoint Manager application and database application.
    • One drive or array for the database and database logs. RAID 0, 5, 10, or an equivalent/faster redundant storage technology is recommended.

     

    1,500 - 3,000 Devices

    All Ivanti Services on a single server
    • Two Quad-core, 64-bit processors (8 CPU cores total)
    • 12 - 16+ GB of RAM or more
    • Gigabit network adapter
    • 3 storage arrays with 100 GB of free space each on 15K or faster drives
      • One array for the Operating System. RAID 0, 1, 5 or faster
      • One array for Ivanti Endpoint Manager software. RAID 0, 5, 10 or an equivalent/faster technology
      • One array for the database and database logs. RAID 0, 5, 10 or an equivalent/faster redundant storage technology

    An Ivanti system for 1,500 to 3,000 devices all running on a single server could see performance issues with disk I/O depending on the use and configuration of both Ivanti and the storage arrays. Some tuning may be needed. As noted above, the arrays should be on separate spindles (physical disk) to reduce any resource conflicts.

     

    3,000 to 5,000 Devices

    Ivanti Core Server and Database Server on separate servers

    For more recommendations and guidelines for an environment of this size, see Recommendations for tuning LDMS and MS SQL for large enterprise Core Servers

    The Core Server
    • Two quad-core, 64-bit processors (8 CPU cores total)
    • 6 - 10 GB RAM
    • Gigabit Network Adapter
    • 2 arrays with 50 GB of free space per array on 15K RPM or faster drives
      • The operating system should be on an array of RAID 0, 1 or an equivalent/faster technology
      • Ivanti Endpoint Manager software should be on an array of RAID 0, 5, 10 or an equivalent/faster redundant storage technology
    The Database Server
    • Quad-core, 64-bit processors (4 CPU cores total)
    • 12+ GB of RAM
    • Gigabit Network Adapter
    • Three arrays with 50 GB of free space per array on 15K RPM or faster drives
      • The operating system array should be RAID 0, 1 or an equivalent/faster technology
      • One array for the database. RAID 0, 5, 10 or an equivalent/faster redundant storage technology
      • One array for the database logs, RAID 0 or an equivalent/faster redundant storage technology

     

    5,000 to 8,000 Devices

    Ivanti Core Server and Database Server on separate servers

    For more recommendations and guidelines for an environment of this size, see Recommendations for tuning LDMS and MS SQL for large enterprise Core Servers

    The Core Server
    • Two - Three quad-core, 64-bit processors (8 - 12 CPU cores total)
    • 6 - 10 GB RAM
    • Gigabit Network Adapter
    • 2 arrays with 50 GB of free space per array on 15K RPM or faster drives
      • The operating system should be on an array of RAID 0, 1 or an equivalent/faster technology
      • Ivanti Endpoint Manager software should be on an array of RAID 0, 5, 10 or an equivalent/faster redundant storage technology
    The Database Server
    • Two quad-core, 64-bit processors (8 CPU cores total)
    • 16+ GB of RAM
    • Gigabit Network Adapter
    • Three arrays with 75 GB of free space on 15K RPM or faster drives
      • The operating system array should be RAID 0, 1 or an equivalent/faster technology
      • One array for the database. RAID 0, 5, 10 or an equivalent/faster redundant storage technology
      • One array for the database logs, RAID 0 or an equivalent/faster redundant storage technology

     

    8,000 to 12,000 Devices

    Ivanti Core Server and Database Server on separate servers

    Important: For Ivanti Endpoint Manager installations of this size, further tuning and design assistance from Ivanti Professional Services or from a valued Expert Solution Provider (ESP) may be required.

    For more recommendations and guidelines for an environment of this size, see Recommendations for tuning LDMS and MS SQL for large enterprise Core Servers

    The Core Server
    • Four quad-core, 64-bit processors (16 CPU cores total)
    • 20+ GB of RAM
    • Gigabit Network Adapter
    • 2 arrays with 75 GB of free space per array on 15K RPM or faster drives
      • The operating system should be on an array of RAID 0, 1 or an equivalent/faster technology
      • Ivanti Endpoint Manager software should be on an array of RAID 0, 5, 10 or an equivalent/faster redundant storage technology
    The Database Server
    • 3+ quad-core premium 64-bit processors (12+ CPU cores total)
    • 32+ GB of RAM
    • Gigabit Network Adapter
    • Three arrays with 100 GB of free space on 15K RPM or faster drives
      • The operating system array should be RAID 0, 1 or an equivalent/faster technology
      • One array of four or more disks for the database. RAID 0, 5, 10 or an equivalent/faster redundant storage technology
      • One array for the database logs, RAID 0 or an equivalent/faster redundant storage technology
    • Microsoft SQL Server Enterprise Edition may be beneficial for environments of this size. Consult Microsoft for a detailed SQL Server Edition comparison.

     

    12,000 to 16,000 Devices

    Ivanti Core Server and Database Server on separate servers

    Important: For Ivanti Endpoint Manager installations of this size, further tuning and design assistance from Ivanti Professional Services or from a valued Expert Solution Provider (ESP) may be required.

    For more recommendations and guidelines for an environment of this size, see Recommendations for tuning LDMS and MS SQL for large enterprise Core Servers

    The Core Server
    • Four quad-core, 64-bit processors (16 CPU cores total)
    • 20+ GB RAM
    • Gigabit Network Adapter
    • 2 arrays with 75 GB of free space per array on 15K RPM or faster drives
      • The operating system should be on an array of RAID 0, 1 or an equivalent/faster technology
      • Ivanti Endpoint Manager software should be on an array of RAID 0, 5, 10 or an equivalent/faster redundant storage technology
    The Database Server
    • Four quad-core premium, 64-bit processors (16 CPU cores total)
    • 48+ GB of RAM
    • Gigabit Network Adapter
    • Three arrays with 100 GB of free space on 15K RPM or faster drives
      • The operating system array should be RAID 0, 1 or an equivalent/faster technology
      • One array of four or more disks for the database. RAID 0, 5, 10 or an equivalent/faster redundant storage technology
      • One array for the database logs, RAID 0 or an equivalent/faster redundant storage technology
    • Microsoft SQL Server Enterprise Edition may be beneficial for environments of this size

     

    16,000 to 25,000 Devices

    Ivanti Core Server and Database Server on separate servers

    Important: For Ivanti Endpoint Manager installations of this size, further tuning and design assistance from Ivanti Professional Services or from a valued Expert Solution Provider (ESP) may be required.

    For more recommendations and guidelines for an environment of this size, see Recommendations for tuning LDMS and MS SQL for large enterprise Core Servers

    The Core Server
    • Four quad-core, 64-bit processors (16 CPU cores total)
    • 32+ GB RAM
    • Gigabit Network Adapter
    • 2 arrays with 75 GB of free space per array on 15K RPM or faster drives
      • The operating system should be on an array of RAID 0, 1 or an equivalent/faster technology
      • Ivanti Endpoint Manager software should be on an array of RAID 0, 5, 10 or an equivalent/faster redundant storage technology
    The Database Server
    • Four - six quad-core premium, 64-bit processors (16 - 24 CPU cores total)
    • 64+ GB of RAM
    • Gigabit Network Adapter
    • Three arrays with 150 GB of free space on 15K RPM or faster drives
      • The operating system array should be RAID 0, 1 or an equivalent/faster technology
      • One array of four or more disks for the database. RAID 0, 5, 10 or an equivalent/faster redundant storage technology
      • One array for the database logs, RAID 0 or an equivalent/faster redundant storage technology
    • Microsoft SQL Server Enterprise Edition may be beneficial for environments of this size

     

    More than 25,000 Devices

    For Ivanti Management Suite installations of this size, additional tuning and design assistance from Ivanti Professional Services or from a valued Expert Solution Provider (ESP) is strongly recommended.