Architecture Overview
Cayosoft Guardian is a change monitoring, backup, and recovery platform designed to oversee changes across the entire hybrid AD / Azure AD environment and quickly roll back mistakes, malicious changes, or domain-wide or forest-wide outages.
Modern 3-Tier Model - Cayosoft Guardian uses a new and modern 3-tier architecture built with the latest Microsoft & Web technologies such as Fluent UI, Graph API, and .Net Core.
Built for all phases of the IT Cloud Journey
Cayosoft Guardian was built from the ground up to support change monitoring and recovery of critical platforms and systems through each phase of IT's Cloud Journey: On-premises, Hybrid, and Public/Private Cloud. The following architectural components make Cayosoft Guardian different and more flexible than any other product like it available today.
Jobs and plans
Jobs define how and when specific automated or user-initiated tasks should be completed. For example, a job may continuously collect changes from a connected management system such as Microsoft 365 or Active Directory. Another job initiated by an administrator might roll back any unwanted changes in the membership of a hybrid security group.
Some examples of jobs in Cayosoft Guardian:
- Change collection jobs collect recent changes from managed systems.
- Event collection jobs collect events from native logs and correlate events with changes.
- Rollback jobs recover objects in managed systems to their original state when a user requests it.
- Plans are complex jobs that manage the execution of other jobs.
- Backup plans are jobs that create backups of Active Directory Domain controllers.
- Recovery plans are jobs that recover Active Directory infrastructure such as domain controllers.
- Reporting jobs create reports in the selected format, such as CSV or HTML.
- Threat detection jobs detect threats in real-time and by schedule.
Alerting Rules
Alerting Rules define when and how an administrator should be notified about important changes in connected systems or in Guardian itself. Once Cayosoft Guardian detects a change that matches an alerting rule, a related alert is raised and a notification is immediately sent via Exchange Online or Teams.
Saved Queries
Saved Queries define how and what data collected by the Guardian is presented to an administrator.
The administrator can use Saved Queries to get instant access to essential data and create a report or an alerting rule based on a query filter.
Threat definitions
With threat definitions containing signatures of various threats, Cayosoft Guardian constantly analyses all changes in your environment and performs scheduled checks to find traces of malicious activity or misconfigurations.
Guardian Service
At the heart of Cayosoft Guardian is the Windows service named Cayosoft Guardian Service when viewed in the Windows Services snap-in.
Database
Configuration settings of Cayosoft Guardian and data collected from managed systems are stored in the Cayosoft Guardian database. After installation, Cayosoft Guardian is configured to use Microsoft SQL Server Express LocalDB. For production usage, Cayosoft Guardian should be configured to use an external SQL database running on Microsoft SQL Server 2016 (or later) or Microsoft Azure SQL Server. The retention job automatically removes items that are no longer required, and the Storage Maintenance Job ensures consistency and optimizes the size of the database.
Web Portal
Web Portal is for administrators to configure the product, and perform change audit, recovery, and other management tasks. The web portal makes it easy to access the critical AD, Hybrid, and Office 365 changes and restore unwanted changes.
Roles
Cayosoft Guardian has a set of built-in roles that grant day-to-day administrators or help desk staff the ability to perform tasks that their jobs require.
Agents
Cayosoft Guardian requires agents on domain controllers to create backups and copy these backups to file storage. Also, agents perform recovery tasks on target machines in the recovery site during various recovery scenarios. Change or event collection tasks do not require agents on domain controllers.
Backup locations
Backup locations are file shares or storage in Azure or AWS that are used in backup and recovery plans to perform various operations with backup files. Learn more about backup locations.
Deployment Architecture
Cayosoft Administrator can be deployed on a single VM or server or from the Azure Marketplace straight to the Azure VM.
Typical Deployment
The typical customer deployment involves one virtual or physical machine. For the Change monitoring feature, a database on an external SQL Server or Azure SQL is required. For the Forest recovery feature, Cayosoft Guardian uses agents automatically deployed on each domain controller included in a backup plan. A backup location in Azure or AWS is recommended to store backups.
Comments
0 comments
Article is closed for comments.