Small Multi-Site Deployment

system-arch-small-multi-site.png
This multi-site deployment scenario supports up to 60,000 Traps agents and consists of the following components:
  • One dedicated database server at one of the sites
  • One ESM Console in the same location as the database for managing the security policy and Traps agents
  • One ESM Server per site or two ESM Servers per site for redundancy
  • One forensic folder accessible by all endpoints for storing real-time forensic details about security events
  • (
    Recommended
    ) WildFire integration
  • (
    Optional
    ) Load balancer for distributing traffic across ESM Servers
  • (
    Optional
    ) External logging platform, such as an SIEM or syslog
In this deployment scenario, Site A contains an ESM Server, database, and ESM Console for managing local policies and endpoints. Site B contains a second ESM Server that is capable of supporting up to 30,000 additional agents. Both servers obtain the security policy from the database located in Site A and distribute the policy to the agents. The agents connect to the primary ESM Server on their site while the ESM Server in the other site acts as a secondary backup server.

Related Documentation