VIPRE Security Knowledge

VIPRE Endpoint Security Architecture

Super Administrator

Written By Marissa Fegan (Super Administrator)

Updated at November 3rd, 2023

Table of Contents

Server Edition Cloud Edition Backend Architecture

An overview of the VIPRE Endpoint Security model and architecture, including both Endpoint Security Server and Cloud editions.

Server Edition

VIPRE Endpoint Security Server is implemented as a simple, lightweight, on-premise installation of management software that is used to monitor and manage the solution. This particular solution depends on an endpoint agent that resides on the specific desktop, laptop, workstation, server, or other device to be protected. In the default mode, agents communicate with VIPRE Server over the local customer's network to report status and receive code and threat definition updates; VIPRE Server agents do, however, support a Roaming Mode that allows remote agents to communicate with the local VIPRE Server via a cloud service as a broker.

From an architectural perspective, Endpoint Security Server operates in a client-server model where the agents are clients, and the VIPRE Server is the server. Although the agent has considerable local intelligence, features such as policies, updates, commands, and more are handled via the VIPRE Server. Agents will fully protect endpoints when not connected to the network, but certain kinds of actions (such as deleting a quarantined file) will not be available. For agents to work properly over the long term, they must have an unimpeded network path to reach the VIPRE Server for at least part of their maintenance cycle.

VIPRE Server itself is an installable application that is run locally on a Windows system. Multiple VIPRE Servers can be connected into a hierarchical multi-site configuration - network paths between servers will also have to be maintained.

Cloud Edition

VIPRE Cloud products are implemented as cloud-hosted services that provide management and monitoring services to protect your users from malware. This particular solution depends on an endpoint agent that resides on the specific desktop, laptop, workstation, server, or other device to be protected. In the default mode, agents communicate with VIPRE Cloud over the public Internet to report status and receive code and threat definition updates.

From an architectural perspective, VIPRE Cloud operates in a client-server model where the agents are clients, and the VIPRE Cloud service is the server. Although the agent has considerable local intelligence, features such as policies, updates, commands, and more are handled via a web console. Agents will fully protect endpoints when not connected to the public Internet, but certain kinds of actions (such as deleting a quarantined file) will not be available. For agents to work properly over the long term, they must have an unimpeded network path to reach the VIPRE Cloud service for at least part of their maintenance cycle.

Backend Architecture

Internally, VIPRE Cloud is implemented using robust, redundant, and highly scalable Amazon AWS services. The number of protected endpoints that a single customer can have is essentially unlimited, although note that all agents will consume at least some bandwidth through whatever network path is required to reach the cloud services.

VIPRE Cloud administrators must also be able to access the VIPRE Cloud web-based responsive console. This can be achieved with virtually any internet-connected system that has a browser.

Related Articles

Deploy the Custom Agent Installer

After creating a custom installer, you then deploy VIPRE Cloud agents to your end...

Migration Overview

A recommended list of steps for end-to-end VIPRE implementation in your business....

Typical VIPRE deployments

VIPRE Endpoint Security is primarily deployed for the following use cases: Protec...

VIPRE Cloud is a simple setup

A very brief description of how simple it is to set up VIPRE Cloud. Setting up VI...