Enterprise

The Endpoint Encryption Enterprise is the unique identifier about the organization in the PolicyServer database configured during PolicyServer configuration. One PolicyServer database may have one Enterprise configuration.

Database

The PolicyServer Microsoft SQL database securely stores all user, device, and log data. The database is either configured on a dedicated server or added to an existing SQL cluster. The log and other databases can reside separately.

PolicyServer Windows Service

PolicyServer Windows Service manages all communication transactions between the host operating system, Endpoint Encryption Service, Legacy Web Service, Client Web Proxy, and SQL databases.

Endpoint Encryption Service

Starting from Endpoint Encryption 5.0, all agents use Endpoint Encryption Service to communicate with PolicyServer. Endpoint Encryption Service uses a Representational State Transfer web API (RESTful) with an AES-GCM encryption algorithm. After a user authenticates, PolicyServer generates a token related to the specific policy configuration. Until the Endpoint Encryption user authenticates, the service denies all policy transactions.

Legacy Web Service

All Endpoint Encryption 3.1.3 and earlier agents use Simple Object Access Protocol (SOAP) to communicate with PolicyServer. Under certain situations, SOAP may allow insecure policy transactions without user authentication. Legacy Web Service filters SOAP calls by requiring authentication and limiting the commands that SOAP accepts. This service is optional, and can be installed on the same endpoint as the Endpoint Encryption Service using the Endpoint Encryption proxy installer.