Configure U-Series Appliance

If you deploy Endpoint Privilege Management to a BeyondInsight and U-Series Appliance environment, use the following information as supplementary guidance to installing and configuring a U-Series Appliance.

Appliances can be set up across your environment, each one configured to host one or more roles. We recommend working with your BeyondTrust representative to determine the appliance architecture best suited for your estate. This is especially important if you plan to integrate Endpoint Privilege Management into an existing U-Series Appliance-BeyondInsight-Password Safe deployment.

For more information, see U-Series Appliance Technical Documentation.

Primary/Secondary Deployment Model

An example deployment model for a U-Series-BeyondInsight-Endpoint Privilege Management integration includes two appliances.

  • Primary appliance: Hosts the reporting server and the BeyondInsight management console.
  • Secondary appliance: Hosts the BeyondTrust event server that can manage policy distribution.

In this example model, you can deploy the event server in a variety of locations, including internet facing, if you want to support on and off-network devices.

The appliance can support up to 10,000 endpoints and additional event servers can be added to increase the capacity.

The following sections provide high-level configuration details.

Primary U-Series Appliance

Before proceeding with the setup of the primary appliance, keep the following considerations in mind:

  • On a primary appliance, ensure the management console and reporting roles are enabled. In an architecture with more than one appliance, enable the management console role on only one appliance.
  • When the SQL Server database resides on the primary appliance, then you must configure access to the remote database so secondary appliances can connect to the database. Set remote access on the SQL Server Database role.

To configure a primary appliance:

  • Complete the appliance deployment and configuration wizards, taking the appropriate steps to achieve the objectives outlined above. Step-by-step instructions are located here: Configure the BeyondTrust U-Series Appliance.

Event Server Appliance

A U-Series Appliance can be set up as an event server to serve policy to your estate.

Before proceeding with the setup of the event server appliance, keep the following configuration details in mind when going through the deployment and configuration wizards:

  • You must activate the Event Collector role either during the configuration wizard or later in the U-Series Appliance software.
  • Disable roles that are configured on the primary: BeyondInsight Management Console, BeyondInsight Analysis Services, and Analytics and Reporting - Reporting Service.
  • When an appliance is acting as the event server, then you must set up remote database settings on the primary appliance.

To configure an appliance as an event server:

  • Complete the appliance deployment and configuration wizards, taking the appropriate steps to achieve the objectives outlined above. Step-by-step instructions are located here: Configure the BeyondTrust U-Series Appliance.