ASMS system architecture
This topic shows a series of architecture diagrams, with elements for distributed systems, devices, and enterprise systems.
Click each image to zoom in for details.
Note: The protocols and deployment models used differ in different architecture structures.
For more details, see Supported deployments per architecture structure, Required port connections, and the device-specific topics in the Manage devices section.
Full system architecture
The following image shows a full sample ASMS system architecture.
* ICMP is used for setup and upgrade
Initial setup
The following image shows an ASMS system with elements for initial setup. The ASMS Central Manager connects to both ASMS Administrators and users, as well as a Syslog NG server for log processing.
* ICMP is used for setup and upgrade
For more details, see Define AFA preferences.
Distributed architecture
The following image adds system elements for a distributed architecture, including load and geographic distribution units, as well as a separate High Availability or Disaster Recovery site.
* ICMP is used for setup and upgrade
The following image zooms in to the ASMS system elements and connections in a distributed architecture.
* ICMP is used for setup and upgrade
For more details, see Configure a distributed architecture.
Added devices
The following image shows additional elements for devices added to AFA, including a Palo Alto Panorama and managed firewall, a Check Point Management station, log server, and managed Check Point Gateway, as well as Cloud devices in AWS or Azure.
* ICMP is used for setup and upgrade
For more details, see Manage devices.
AppViz functionality
The following image shows the ASMS system architecture with additional elements for AppViz, including an AutoDiscovery client, server and sensor, and vulnerability scanners.
* ICMP is used for setup and upgrade
For more details, see Welcome to AppViz, AutoDiscovery, and Install AutoDiscovery.
ASMS architecture for enterprise systems
The following image shows an ASMS architecture and connections to elements used in enterprise systems:
* ICMP is used for setup and upgrade
For more details, see Define AFA preferences.