Centralized Management Groups of Screens

Groups of Screens deployed throughout your organization are managed with a set of configuration objects through an Administration Station. Policies reside on a specific Screen called the centralized management group's primary Screen. Many Administration Stations can manage the Screens.

The centralized management group's primary Screen, where all configuration objects reside, manages itself, as well as the centralized management group's secondary Screens. The secondary Screens in a centralized management group make some basic emergency administration possible. For example, if the primary Screen is down for service, although no central logging mechanism exists for a global view of the logs on the individual Screens in a centralized management group, you can select a specific Screen and view its log.

Centralized Administration

Many sites run multiple Screens. With centralized administration, you can keep all common objects and policies on a central, primary Screen and use it to activate all the Screens in your site.

The primary Screen is the one that contains the common objects and policies for it and all the other Screens. The other Screens are the secondary Screens.

Common Objects Used in Centralized Administration

Centralized administration requires secure communication among the Screens. This information is contained in the screen object. On the primary Screen, screen objects must exist for all the Screens. On each secondary SunScreen, Screen objects must exist for that secondary and the primary Screen.

Once you successfully activate a configuration from the primary Screen, it will replace objects on the secondary. If these new objects are incorrect, it may be impossible to activate additional configurations centrally. If so, you can manually activate an old configuration on the secondary, fix the errors on the primary, and then activate the configuration again.