ASMS system architecture

This topic shows a series of architecture diagrams, with elements for distributed systems, devices, and enterprise systems.

Click each image to zoom in for details.

Note: The protocols and deployment models used differ in different architecture structures.

For more details, see Supported deployments per architecture structure, Required port connections, and the device-specific topics in the Manage devices section.

ASMS full on-prem system architecture

The following image shows a full sample ASMS system architecture.

* ICMP is used for setup and upgrade in HA deployments

Back to top

ASMS- AlgoSec SaaS services architecture

The following image shows connection between on-prem ASMS system with AlgoSec SaaS Services (CloudFlow, ObjectFlow*) :

*Relevant for ASMS A32.10 June 6 HF (build A32.10.380-180) or above

Back to top

Initial setup

The following image shows an ASMS system with elements for initial setup. The ASMS Central Manager connects to both ASMS Administrators and users, as well as a Syslog server for log processing.

 

* ICMP is used for setup and upgrade in HA deployments

 

For more details, see Define AFA preferences.

Back to top

Distributed architecture

The following image adds system elements for a distributed architecture, including load and geographic distribution units, as well as a separate High Availability or Disaster Recovery site.

* ICMP is used for setup and upgrade in HA deployments

The following image zooms in to the ASMS system elements and connections in a distributed architecture.

* ICMP is used for setup and upgrade in HA deployments

For more details, see Configure a distributed architecture.

Back to top

Added devices

The following image shows additional elements for devices added to AFA, including a Palo Alto Panorama and managed firewall, a Check Point Management station, log server, and managed Check Point Gateway, as well as Cloud devices in AWS or Azure.

* ICMP is used for setup and upgrade in HA deployments

For more details, see Manage devices.

Back to top

AppViz functionality

The following image shows the ASMS system architecture with additional elements for AppViz, including an AutoDiscovery client, server and sensor, and vulnerability scanners.

* ICMP is used for setup and upgrade in HA deployments

For more details, see Welcome to AppViz, Welcome to AutoDiscovery, and Deploy AutoDiscovery .

Back to top

ASMS architecture for enterprise systems

The following image shows an ASMS architecture and connections to elements used in enterprise systems:

* ICMP is used for setup and upgrade in HA deployments

For more details, see Define AFA preferences.

Back to top