ATTENTION Customers, All Partners and Employees: The Customer Support Portal (CSP) will be undergoing maintenance and unavailable on Saturday, November 7, 2020, from 11 am to 11 pm PST. Please read our blog for more information.
This board has been created to provide a location in which to ask quick questions about the Traps product, (including information about the installation or management of the Endpoint Security Manager, the Traps endpoint agent, and the associated utilities), interesting configurations you've implemented, to initiate discussions about your experiences running Traps, and to connect with other Traps experts.
You can find the Traps/Endpoint Knowledge Base here (opens in a new window/tab): Endpoint Articles
(Please note that while this forum will include activity from the Traps support team, any urgent issues should be reported to Support directly to ensure prompt attention).
Thanks for stopping by and joining the conversation!
I need some help with a deployment architecture.
For a small install (less than 1000 end points) can both the DB and the EMS Console&Server be hosted on a single virtualized server?
Or should we deploy the solution with 2 dedicated servers:
1x server = ECM Console and ECM Server on same machine
1x database server = SQLite OR SQL 2014 – not sure which one?
According to the below documentation, the install can be done using one server.
Any help/feedback is much appreciated.
Based on your description, there are two applicable options: Standalone Deployment and Small Single Site Deployment.
This design is typically recommended for initial proof of concept (POC) or a small site with fewer than 3000 Traps agents, use a standalone deployment to install the following Endpoint Security Manager (ESM) components on a single server or virtual machine:
• ESM Server
• ESM Console
• Forensic (quarantine) folder
I don't recommend to any of my customers to use this design in production, as it does not provide any redundancy for console or cores.
Small Single Site Deployment
As per the link you posted, and the official admin guide, this design requires:
This is the minimal I always recommend to all my clients due to the redundancy aspects and flexibility.
Now to your questions.
My recommendation is that you adopt the Small Single Site Deployment
1 x ESM Console + Core (Combined)
1 x ESM Core (Redundancy)
1 x Database Server - Notice that SQLITE is no longer supported or recommended by Palo Alto even in POCs; hence, the official recommendation for environments with more than 250 endpoints is SQL Server Enterprise or SQL Server Standard as per the below screenshot.
Important: You only can have one console installed.
For further details on requirements please refer tothe following for the administrator guide: link: https://www.paloaltonetworks.com/content/dam/pan/en_US/assets/pdf/technical-documentation/40/endpoin...
I hope this helps.
The above helps alot! Thanks for the time and effort you put into your reply - it's much appreciated!
I'm sure many more folks will be using this post for reference.
I logged the same request as a bug under 4.0.1 a while back and was advised that it would be addressed in a future version, so I expect that it is on a road-map somewhere.
Much as I can work with m/d/y formatting, it's nice to have the d/m/y formatting that we are used to and have with our other products, like Windows, McAfee, SQL, Office, SAP, Exchange (ok - maybe not so much Exchange - backend Powershell prefers m/d/y).
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!