Endpoint Encryption Components Parent topic

Endpoint Encryption consists of one central management server (PolicyServer) that manages the policy and log databases, authentication, and all client-server activity. Deploy several unique Endpoint Encryption agents that each perform specific encryption tasks. All Endpoint Encryption agents communicate via an encrypted channel.
Flexibly manage Endpoint Encryption using only PolicyServer MMC or manage Endpoint Encryption using Control Manager for policy, user and device management and PolicyServer MMC for advanced log management and reporting.
Endpoint Encryption integrates with OfficeScan. Use the Endpoint Encryption Deployment Tool plug-in to deploy the Endpoint Encryption agent software to any OfficeScan managed endpoint.
The following illustration shows the Endpoint Encryption components and communication protocols.
TMEE_architecture_officescan_tmcm.jpg

Endpoint Encryption Architecture

The following table describes these components.

Endpoint Encryption Components

Component
Description
Endpoint Encryption PolicyServer Services
PolicyServer consists of several services that centrally control policies, authentication, and reporting. PolicyServer consists of the following:
  • Endpoint Encryption Service
  • Legacy Web Service
  • PolicyServer Windows Service
For information about PolicyServer, see About PolicyServer.
Endpoint Encryption PolicyServer SQL Database
The Microsoft™ SQL Server database stores all user, policy, and log information. Install the database on the same server as PolicyServer, or separately. Flexibly configure PolicyServer using Microsoft SQL Server or Microsoft SQL Express.
Endpoint Encryption PolicyServer MMC
PolicyServer MMC is the native interface option to remotely manage PolicyServer.
Trend Micro Control Manager
Trend Micro Control Manager is an option to remotely manage PolicyServer while also integrating with other managed Trend Micro products.
Administrators can use the policy management feature to configure and deploy product settings to managed products and endpoints. The Control Manager web-based management console provides a single monitoring point for antivirus and content security products and services throughout the network.
Endpoint Encryption 5.0 agents
All Endpoint Encryption 5.0 agents communicate with the PolicyServer Endpoint Encryption Service using a RESTful web API.
For more information about Endpoint Encryption agents, see:
For information about Endpoint Encryption agent communications, see About PolicyServer.
Note
Note
Configure port settings during Endpoint Encryption agent installation. Full Disk Encryption can use Recovery Console to change the assigned port number.
Other Endpoint Encryption agents
All legacy Endpoint Encryption agents (3.1.3 and older) communicate to the Legacy Web Service on PolicyServer. For details about agent communications, see About PolicyServer.
Active Directory
PolicyServer synchronizes user account information by communicating with Active Directory using LDAP. Account information is cached in the Microsoft SQL database.
Note
Note
Active Directory is optional.