How Endpoint Central (Formerly Desktop Central) Works? (2024)

ManageEngine Endpoint Central is a web-based desktop and mobile administration software that helps administrators to effectively manage endpoints from a central point. It provides Configurations, Inventory Management, Patch Management, Service Pack Installation, Software Installation, Desktop Sharing, System Tools, Active Directory Reports and User Logon Report.

  1. Endpoint Central LAN Architecture

  2. Endpoint Central WAN Architecture

Endpoint Central LAN Architecture

The figure below depicts the Endpoint Central Architecture. The details of the individual components are given below:

How Endpoint Central (Formerly Desktop Central) Works? (1)

Fig: Endpoint Central Architecture for LAN

Server Component

Endpoint Central Server is located at the enterprise (customer site) is responsible for performing various Desktop Management activities. It pushes the Endpoint Central agent to the client machines, deploys configurations, initiates scanning for Inventory and Patch Management, and generates reports of the Active Directory Infrastructure Components to effectively manage the desktops in the enterprise network. It is advised to keep the Endpoint Central server always running to carry out the day-to-day Desktop Management activities. All these actions can be initiated from a web-based administration console in a few simple clicks.

Agent Component

Endpoint Central Agent is light-weight software that gets installed in the client systems that are being managed using Endpoint Central. It acts as a worker to carry out the operations as instructed by the Endpoint Central Server. It is also responsible for updating the Endpoint Central Server with the status of the deployed configurations. The agent periodically pulls the instructions from the Endpoint Central Server and executes the tasks. The agent contacts the server at the following intervals:

  1. For user-specific configurations - during user logon and every 90 minutes thereafter till the user logs out of the computer.
  2. For computer-specific configurations - during system startup and every 90 minutes thereafter till the system is shutdown.

Patch Database

The Patch Database is a portal in the ManageEngine site, which hosts the latest vulnerability database that has been published after a thorough testing. The Endpoint Central Server periodically synchronizes this information and scans the systems in the enterprise site to determine the missing patches. Subsequently, the patches are installed to fix the vulnerabilities.

The communication between the Endpoint Central Server and the Patch Database is through the Proxy Server or a direct connection to internet. The required patches will be downloaded from Microsoft website and stored locally in the Endpoint Central Server before deploying the patches to the client computers. Hence, each client computer (agent) will take the patch binaries from the Endpoint Central Server.

Web Console

  1. Provides a central control point for all the desktop management functions.
  2. Can be accessed from anywhere: LAN, Remote Offices, and Home through Internet/VPN.
  3. No separate client installations are required.

Active Directory

For Active Directory based Domain setup, the Endpoint Central Server queries the Active Directory to generate out-of-the-box reports for Sites, Domains, Organization Units, Groups, Computers, etc., which gives you a complete visibility into the Active Directory.

Port Details

Ports to be opened on the Agent

To enable remote installation of the Agent, you should open these ports, these ports may not be required post agent installation.

  1. 135 : Used to enable remote administration.

  2. 139 & 445 : Used to enable sharing of files and printers.

Ports to be opened on the Server

  1. 8020: Used for agent-server communication and to access the Web console

  2. 8383: Used for secured communication between the agent and the Endpoint Central server

  3. 389: Used for communication with Active Directory Domain Controller

  4. 636: Used for secure communication with Active Directory Domain Controller

  5. 8443: Used for the Remote Control feature with secured communication

  6. 8444: Used for the Remote Control feature

  7. 8027: Used to complete on-demand tasks like inventory scanning, patch scanning, remote control, remote shutdown and moving agents from one remote office to another

Endpoint Central WAN Architecture

Endpoint Central supports managing Computers in a distributed setup like branch/remote offices and for mobile users (eg. Sales Persons). The figure below depicts the Endpoint Central Architecture for managing computers in WAN. The details of the individual components are given below: How Endpoint Central (Formerly Desktop Central) Works? (2)

Fig: Endpoint Central WAN Architecture

Advantages

  1. Simple, fast, and an affordable solution for your desktop management needs.

  2. Low bandwidth utilization

  3. Network-neutral desktop management.

  4. No separate VPN infrastructure is required.

  5. Secured communication between the Server and the Agent.

  6. Centralized management of computers from a single console.

Server Component

Endpoint Central Server has to be installed in your LAN (say, the head office) and has to be configured as an EDGE device. This means that the designated port (default being 8020 and is configurable) should be accessible through Internet. You need to adopt necessary security standards to harden the OS where the Endpoint Central Server is installed. Agents from all the remote locations report to this Endpoint Central Server.

The Server acts as a container to store the configuration details and, upon request, provide the instructions to the agents. It is advised to keep the Endpoint Central server always running to carry out the day-to-day Desktop Management activities.

Distribution Server Component

Endpoint Central Distribution Server is light-weight software that is installed in one of the computers in the Branch Offices. This Distribution Server will communicate with the Endpoint Central Server to pull the information for all the computers in that branch. The agents that reside in the branch office computers will contact the Distribution Server to get the patch, software and script details available to them and process the requests.

  1. Low bandwidth utilization as only one agent will contact the Server periodically

  2. Pulls the configuration details, software packages, patches to be installed, etc., from the Endpoint Central Server and makes it available for the rest of the computers in the branch.

  3. Supports secured mode of communication (SSL/HTTPS) with the Server.

  4. Distribution Server installation is one-time and subsequent upgrades will be automatically performed.

Agent Component

Endpoint Central Agent is light-weight software that is installed in the client systems that are being managed using Endpoint Central. It acts as a worker to carry out the operations as instructed by the Endpoint Central Server.

  1. Unobtrusive light-weight component.

  2. Can either be installed manually or through the logon script in all the computers that are being managed using Endpoint Central. However, for computers in the LAN, the agents will be automatically installed.

  3. Agent installation is one-time and subsequent upgrades will be automatically performed.

  4. For computers in the same LAN as that of the Endpoint Central Server, the agent will periodically connect to the Server to PULL the configurations available for them, deploys them and updates the status back to the Server.

  5. For computers in Branch Offices, the agent will contact the Master Agent to PULL the configurations available for them, deploys them and updates the status back to the Server.

Web Console

  1. Provides a central control point for all the desktop management functions.

  2. Can be accessed from anywhere: LAN, Remote Offices, and Home through Internet/VPN.

  3. No separate client installations are required.

Port Details

Ports to be Opened on the Agent

To enable remote installation of the Agent, you should open these ports, these ports may not be required post agent installation.

  1. 135 : Used to enable remote administration.

  2. 139 & 445 : Used to enable sharing of files and printers.

Ports to be Opened on the Server

  1. 8020: Used for agent-server communication and to access the Web console

  2. 8383: Used for secured communication between the agent and the Endpoint Central server

  3. 389: Used for communication with Active Directory Domain Controller

  4. 636: Used for secure communication with Active Directory Domain Controller

  5. 8443: Used for the Remote Control feature with secured communication

  6. 8444: Used for the Remote Control feature

  7. 8027: Used to complete on-demand tasks like inventory scanning, patch scanning, remote control, remote shutdown and moving agents from one remote office to another.

Ports to be Opened on the Distribution Server

  1. 8021: Used for communication between the agents in Remote Offices and the Distribution Server

  2. 8384: Used for secured communication between the agents in Remote Offices and the Distribution Server

How Endpoint Central (Formerly Desktop Central) Works? (2024)

FAQs

How Endpoint Central (Formerly Desktop Central) Works? ›

Endpoint Central lets you automate regular endpoint management

endpoint management
Unified endpoint management (UEM) refers to the approach of managing and securing endpoints of various types and operating systems in an enterprise - all from a single console.
https://www.manageengine.com › products › desktop-central
routines like installing patches, deploying software, imaging, and deploying OSs. Moreover, it also lets you manage assets and software licenses, monitor software usage statistics, manage USB device usage, and take control of remote desktops.

How does ManageEngine work? ›

It automates the complete endpoint management life cycle from start to finish to help businesses cut their IT infrastructure costs, achieve operational efficiency, improve productivity, combat network vulnerabilities and insider threats, prevent data leakage and secures enterprise browsers.

What does a desktop central agent do? ›

Desktop Central Agent is light-weight software that is installed in the client systems that are being managed using Desktop Central. It acts as a worker to carry out the operations as instructed by the Desktop Central Server.

Which network architecture does Endpoint Central use? ›

Endpoint Central MSP is built on agent-server architecture. It provides two different options in managing customers of varied sizes. You can choose different options for your different clients based on your need. Click here to know the complete details of the components used in Endpoint Central MSP architecture.

What is Endpoint Central used for? ›

Endpoint Central offers an array of security features including ransomware protection, data loss prevention, application and device security, browser security, vulnerability management, endpoint privilege management, and BitLocker management.

What is the new name for desktop central? ›

As of May 2022, ManageEngine has rebranded Desktop Central to a name that is synonymous with the length and breadth of what they're offering.

What is the purpose of an Endpoint Central agent? ›

The Endpoint Central agent is a lightweight software application that is installed in computers which are managed using Endpoint Central. This agent helps to complete various tasks that are initiated in the Endpoint Central server.

What database does ManageEngine use? ›

Migrating Database (From PostgreSQL to MS SQL Database) PostgreSQL and MS SQL databases are supported in ManageEngine's Access Manager Plus. PostgreSQL comes bundled with the product, by default.

Why do we need ManageEngine? ›

ManageEngine is a comprehensive ITSM tool that helps companies (of all sizes) in running their IT operations smoothly. It assists your IT team in detecting and troubleshooting technical issues before they disrupt your workflow or pose any security threat to your organization.

What ports does Endpoint Central use? ›

The default port number is 8020. <HTTPS Port> refers to the secured port that agents use to contact the Endpoint Central server. The default port number is 8383.

What is the old name of ManageEngine? ›

About Endpoint Central (formerly Desktop Central) | ManageEngine.

Who is the parent company of ManageEngine? ›

ManageEngine is the Enterprise IT Management Software division of ZOHO Corp.

What is desktop central used for? ›

Desktop Central is management software, that allows managing servers, laptops, smartphones, tablets and all desktops – with its Configurations – in the network from a central location. These configurations help administrators to maintain security and to standardize the desktops easily and remotely.

What ports does ManageEngine use? ›

Ports Required
PortPurposeType
8020Web-server port - Non-SSLTCP
8383Web-server port - SSLTCP
8027Notification ServerTCP
8443Remote Control - SSLTCP & UDP
2 more rows

Can Endpoint Central's database be migrated? ›

Yes, We have to make changes in configuration file.

What is the desktop central idea? ›

Desktop Central is management software, that allows managing servers, laptops, smartphones, tablets and all desktops – with its Configurations – in the network from a central location. These configurations help administrators to maintain security and to standardize the desktops easily and remotely.

What is the main purpose of the desktop? ›

With a desktop, you have the processing power and screen real estate to efficiently manage tasks like video conferences, document editing, and collaborating with colleagues or classmates.

What does a desktop power supply do? ›

The desktop computer power supply converts the alternating current (AC) from a wall socket of mains electricity to a low-voltage direct current (DC) to operate the motherboard, processor and peripheral devices.

What does a desktop case do? ›

A computer case safeguards all of the important—and expensive—parts of a PC or other computing device. Internal components include things like the motherboard, chassis, drives, CPU and more for small desktop units, all the way through whole networks and even up to advanced blade servers.

References

Top Articles
Latest Posts
Article information

Author: Cheryll Lueilwitz

Last Updated:

Views: 5613

Rating: 4.3 / 5 (74 voted)

Reviews: 81% of readers found this page helpful

Author information

Name: Cheryll Lueilwitz

Birthday: 1997-12-23

Address: 4653 O'Kon Hill, Lake Juanstad, AR 65469

Phone: +494124489301

Job: Marketing Representative

Hobby: Reading, Ice skating, Foraging, BASE jumping, Hiking, Skateboarding, Kayaking

Introduction: My name is Cheryll Lueilwitz, I am a sparkling, clean, super, lucky, joyous, outstanding, lucky person who loves writing and wants to share my knowledge and understanding with you.