Deployment Architecture Overview
Dinesh
Last Update 5 giorni fa
Overview
SecOps Solution On-Premises is designed to be deployed entirely within the customer's environment, providing centralized Vulnerability Management, Patch Management, and Configuration Audit capabilities while maintaining full control over infrastructure, data, and network communication.
The platform consists of a central management server that communicates with managed assets using one or more deployment methods depending on the organization's network architecture and operational requirements.
Core Components
SecOps Central Server
The SecOps Central Server is the primary management component of the platform and serves as the central point for all security and patch management operations.
The Central Server hosts the application services, platform database, and local patch repository cache required for daily operations.
Vulnerability Intelligence & Patch Feeds
To maintain accurate security visibility, the platform periodically synchronizes:
- Vulnerability intelligence
- CVE information
- Security advisories
- Product updates
- Patch metadata
This synchronization ensures that vulnerability assessments and patch recommendations remain current.
Patch Repository Cache
The Patch Repository Cache stores patch metadata and downloaded content locally within the customer environment.
This approach helps:
- Reduce repeated external downloads
- Improve deployment performance
- Optimize bandwidth usage
- Support large-scale patch deployments
Supported Deployment Models
SecOps Solution supports multiple deployment models, allowing organizations to manage assets across different network architectures.
Direct Agentless Deployment
In the Agentless model, the SecOps Central Server communicates directly with managed assets using standard administrative protocols.
This deployment method is ideal when:
This deployment method is ideal when:
- Assets are reachable from the Central Server
- Administrative credentials are available
- Network segmentation is minimal
- No endpoint software installation is preferred
Benefits:
- No agent installation required
- Simplified management
- Faster onboarding for internal assets
Agent-Based Deployment
In the Agent-Based model, lightweight agents installed on endpoints establish outbound communication with the SecOps Central Server.
This deployment method is recommended for:
This deployment method is recommended for:
- Remote assets
- Dynamic IP environments
- Assets with limited inbound accessibility
Benefits:
- Simplified connectivity
- Improved management of remote asset
Jump Host Deployment
The Jump Host model is designed for environments where assets are located in isolated networks, branch offices, or segmented VLANs.
A Jump Host is deployed within the remote network and acts as a communication bridge between the SecOps Central Server and the local assets.
This deployment method is commonly used for:
- Branch offices
- Segmented environments
- Restricted network zones
- Remote data centers
Benefits:
- Supports network segmentation requirements
- Reduces firewall complexity
- Enables centralized management across distributed environments
The platform is designed to support mixed deployment architectures, allowing organizations to onboard assets using the method that best fits each network segment.