Secure Relay Architectures for On-Premises Platforms
Tenable Identity Exposure supports the following architectures comprising the Storage Manager (SM), Security Engine Node (SEN), Directory Listener (DL), and Secure Relay (SR):
Standard 3 Servers with DL and SR on the Same Server
This architecture transitions from a standard 3-servers architecture (SM, SEN, and DL) to one with a DL running the SR on the same server.
3.42 |
|
---|---|
|
|
Note: This architecture requires that you combine the required resources for the DL and SR in one virtual machine.
|
Standard 3 Servers with DL and SR on a Separate Server
This architecture transitions from a standard 3-servers architecture (SM, SEN, and DL) to one with the DL and SR running on separate servers.
3.42 |
|
---|---|
|
|
Multiple DLs to a Single DL Running SR
This architecture transitions from a multiple-DLs architecture to one with a single DL running the SR.
3.42 |
|
---|---|
|
The first Directory Listener owns the Secure Relay and acts as the "concentrator" for all deployed Secure Relays deployed (former Directory Listeners) and communicate with these using TLS. This Secure Relay:
|
Multiple DLs to a New DL Communicating with SR(s)
This architecture transitions from a multiple-DLs architecture to one with a new DL that communicates with Secure Relays (replacing old Directory Listeners).
3.42 |
|
---|---|
|
A new server for the Directory Listener acts as the "concentrator" for all deployed Secure Relays (former Directory Listeners) which communicate with the Directory Listener using TLS. The Secure Relay:
|
See also
Secure Relay for Tenable Identity Exposure 3.59