The Framework is made up of three primary components:
The Framework Manager is the server component of the Framework. It provides a centralized registry, enabling services and administration of the entire Framework from any single point on the enterprise network.
The Framework Manager is administered through the Framework Manager console, using a suitable Web browser with Adobe Flash Player.
The manager modules are installed on the Framework Manager by default. The modules can also be distributed to other Framework hosts to provide load balancing and failover for the Framework. If there are multiple occurrences of the same type of manager installed on the Framework, they operate in primary and backup roles. Updates to the data controlled by each group of like managers are only updated at the primary manager.
The default manager modules are:
Administration Manager (admin): Provides the functionality for the Web-based user interface. Framework consoles can be installed on the Administration Manager and are used to control product features.
Access Manager (auth): Maintains a list of Framework user accounts and provides authentication services for the Framework. It needs to be installed with a local Registry Manager in order to create a secure user authentication token.
Audit Manager (audit): Maintains the repository for all auditing information collected by the Framework.
NOTE:NetIQ recommends to deploy only two Audit Managers, even in large environments.
Command Control Manager (cmdctrl): Maintains the rule configurations and is responsible for validating user command requests.
Compliance Auditor (secaudit): Collects, filters, and generates reports of audit data for analysis and signoff by authorized personnel
Messaging Component (msgagnt): Provides the transport mechanism and interacts with e-mail servers to provide reporting functionality.
Package Manager (pkgman): Manages a repository for Framework packages.
Registry Manager (registry): Maintains a database of all Framework hosts and modules. Provides certificate-based registration features for the hosts.
Syslog Emitter (syslogemit): Provides logging of audit information to a syslog server.
The Framework Manager console is the default user interface for the Framework. It allows configuration and management of the Framework through a graphical user interface.
For a description of this console, see Section 1.4, The Workspace Layout.
The Framework Agent is the client component of the Framework. It is responsible for receiving and carrying out instructions from the Framework Manager on all hosts. The following Framework Agent packages are installed on all Framework hosts:
Registry Agent (regclnt): Provides a local cached lookup for module locations. The Registry Agent queries the Registry Manager when local cached information is not available or isn’t fresh.
Distribution Agent (distrib): Provides the interface to control the installation and removal of packages in the Framework. It has methods to install, remove, and list the available and updatable packages. The Distribution Agent retrieves packages from the local Package Managers.
Store and Forward Agent (strfwd): Provides a store and forward mechanism for guaranteed delivery of messages. It is used for various core features such as replication of the manager databases.
Command Control Agent (rexec): Enables the Framework to control and audit user commands.