2 Replies Latest reply on Apr 11, 2018 3:55 AM by phoffmann

    Managing 2 seperate networks from one Management Console

    Rookie

      Hello,

       

      in our company we´ve got 2 seperate networks for each department that has to be seperated. Is there any chance to manage workstation on both networks from one Ivanti Management Console?

       

      I´m thinking of a selector in the network overview that will change the network I´m currently working on. Workstations and data from the networks can´t be mixed together.

       

      Is there any solution to this scenario?

       

      Thank you

        • 1. Re: Managing 2 seperate networks from one Management Console
          Truffles SupportEmployee

          Hello,

           

          The Ivanti Console is sort of an interface to the database. Is there 1 or 2 core's involved? Two Ivanti core's you would change the core name at the login prompt to the console. Then it's somewhat of a matter of resolution and authentication. If the core is on one domain and the clients are on another then permissions on the COM+ objects can be problematic when they are used but most agent communication should work assuming the core can connect. A domain trust may be needed.

           

          If all the clients are managed from one core then you may use a scope and two users. You'll have to close and relaunch the console as the different user of course but the scope will only show the devices it's configured for.

          • 2. Re: Managing 2 seperate networks from one Management Console
            phoffmann SupportEmployee

            Yeah ... Truffles recommendations are spot on here. Can't really think of another graceful solution here.

             

            There's (technically) the TENANT concept, but that requires a CSA ... and at the end of the day, either a "2 Cores" or a "1 Core, but separate users with separate scopes" may be easiest to deal with it. (The latter would still allow admins to keep a "see everything" option, so central reporting is still doable for instance).

             

            Logical separation in one way or another woudl be the best way forward?

             

            If you need to have "separate security" because of political / legal reasons, then you'd want to go for a 2 Core Servers approach (essentially Core A with Cert A can't manage Core B's clients, should they ever get in there by some accident or whatnot).

             

            Does that help / answer your question?