2008-06-10

avast! 中控架構介紹



Welcome to the avast! Distributed Network Manager, the solution for network
antivirus management.
avast! Distributed Network Manager (ADNM) is a suite of powerful tools to help
network administrators manage the avast! antivirus product line across their whole
enterprise.

The ADNM system consists of the following components:
• avast! Management Server (AMS) — the heart of ADNM that provides the
business logic for the whole system.
• SQL Database — serves as data storage for all the policies, security settings and
client information.
• Administration Console — the program the administrator uses to manage the
whole system.

These three components work together with the avast! antivirus products deployed
on individual workstations and servers on the network to provide the best possible
protection against malware and to minimize the effort needed to manage and
monitor their current status.

The brain of the whole system is the AMS (avast! Management Server). This is
where all the hard work is done.

The managed machines connect only to the AMS to download the latest policies
and to report their status and scan results. The Administration Console also
connects directly to the AMS. The AMS is based on an SQL Database – either a
dedicated MS SQL Server 2000/2005, if available, or, for small and medium-size
networks, on its lightweight version, MSDE 2000, which is part of the ADNM
installation package (alternatively, one can use the free version of SQL Server 2005,
"SQL 2005 Express"). It is assumed that the AMS machine can connect to the
Internet via HTTP protocol.

For larger networks, the AMS is expected to be installed on a dedicated computer.
It is also possible to deploy multiple AMS’s (each having its own database). These
can then be instructed to replicate their databases on a regular basis, and also to
upload all scanning results to a dedicated AMS on which enterprise-wide reporting
can be carried out. The administrators can choose from two communication
models used by the AMS and the clients: PUSH or POP. The POP model is
necessary for larger networks and for networks with roaming users. Each AMS can
scale up to tens of thousands of client computers, provided they are all connected
by local area network.

沒有留言: