Deployment scenarios
GFI EndPointSecurity deployments depend on the location of the machines that you need to monitor. Refer to the following deployment scenarios to determine which setup fits best your needs.
Deploy GFI EndPointSecurity on a domain controller
GFI EndPointSecurity installed on a Domain Controller can only monitor machines that are part of the same domain.
When installed on an Active DirectoryA technology that provides a variety of network services, including LDAP-like directory services. environment, GFI EndPointSecurity creates AD groups which can be used to allow or deny access to all the machines. Therefore if a user needs specific access to a device, the administrator just needs to add the user to the group, and changes will be made available when AD settings are updated locally on machines.
Deploy GFI EndPointSecurity on a member server
When GFI EndPointSecurity is installed on a Member Server it can monitor machines that are part of the domain as well as machines that are part of a workgroup.
This setup is preferable in the case you have the computers that are part of a domain together with computers that are members of a workgroup. It adds some complexity to the administration but gives more flexibility and a wider range of machines that can be controlled from a single console.
Deploy GFI EndPointSecurity on a workgroup machine
GFI EndPointSecurity can also be installed on a workgroup environment. If this option is used, GFI EndPointSecurity monitors only the machines that are members of the same group.
In this scenario, local groups need to be created on the GFI EndPointSecurity machine. The same groups need to be created also in the monitored machine so that permissions can be granted.
For more information refer to Configuring access permissions on workgroups.
In this table you can have an overview of the options available:
Installation | Monitor Domain machines | Monitor Workgroup machines |
---|---|---|
Domain Controller | ||
Member Server | ||
Workgroup |