5 Replies Latest reply on Dec 2, 2015 8:26 AM by JoeDrwiega

    Landesk Architecture

    Rookie

      Hello all,

      We want to design a new Landesk Architecture for our clients.

      Case :

      We are a service provider and now we use Landesk mostly for Patching Mangement of servers.

      We have one core server to manage all of our clients

      For security reason some clients doesn't want to be connected directy to our core server.

      They want to have a dedicated core server to limit the communication between their servers and the core server.

      We have 20 clients that want this solution.

      Schema :

      Lanedsk post.png

      I want to know what is the solution propose by Landesk in this case ?

      The idea is to have a management core server that can manage all the core client ( run patching tasks, manage schedule task,etc)

      I have read about roll up core server and Landesk Cloud Service Appliance but I don't know what is the best solution.

       

      Thanks

        • 1. Re: Landesk Architecture
          Leslie2k Apprentice

          From what I understand this type of scenario will not work.  The separate clients will need a separate core with no tie in to the other core.  I would also assume separate license cost.

          • 2. Re: Landesk Architecture
            JoeDrwiega SupportEmployee

            What is the security reason behind the "For security reason some clients doesn't want to be connected directy to our core server."? do they not want certain users to have access to certain servers? If so that can be handled via Users Roles and Scopes set up for certain available subnets or servers, etc. If its data such as patches themselves or software then you can change your client core servers to Preferred Servers and it will maintain the data to those servers you have set up via IP or subnet. The Rollup core could work as your Master and the "core clients" could be your cores. I still believe you might just want to setup up Scopes and then create User Roles for those Scopes to only allow access for those who need access to those.

            • 3. Re: Landesk Architecture
              Rookie

              The reason behind that the : "For security reason some clients doesn't want to be connected directy to our core server.": We have to set limitation between the vlan associate for our clients and our management VLAN.

              So here the idea for a  "client core server" is to avoid a direct communication between all landesks agents to a main core server. If there is a client core server he will centralised all the agent communication. And for manage our client via Landesk we have just to open a limited set of port between our main core server and our client core server.

              I try to be clear but my english is not very good.

              Thanks for your answer

              • 4. Re: Landesk Architecture
                LANDeskWizrd SSMMVPGroup

                From the scenario you are proposing, I do believe a Roll-up core is what will work best for you. You will need to make sure all necessary ports are open so that the "master" core can talk to the other "client" cores. From there you can control all clients, assuming you have the proper certs on that "master" core.

                1 of 1 people found this helpful