N-central Architecture Guide

• N-central Architecture Guide
• Introduction
• Purpose
• Target Audience
• N-central High-Level Architecture (N-central at a glance)
• Core Components
• N-central Server
• Probes and Agents
• Communication Flow
• Summary
• Appendices

Introduction

N-central, developed by N-able, is a robust Remote Monitoring and Management (RMM) platform designed to help organizations efficiently manage and secure their IT environments. N-central is commonly used by managed service providers (MSPs) but is also used by IT departments within organizations. The platform supports both on-premises and hosted deployment options, providing flexibility to meet the unique needs of different organizations. Its architecture is built to handle diverse network infrastructures, ensuring seamless integration and scalability.

The platform supports a wide range of devices, including workstations, servers, mobile devices, and network equipment from various manufacturers like Cisco, Fortinet, and HP. This extensive device support ensures comprehensive network management and monitoring.

N-central includes detailed views of network paths and device statuses, enabling proactive monitoring and quick identification of potential issues. The platform's asset discovery feature helps MSPs keep track of all devices within a network, ensuring comprehensive coverage and management. Additionally, N-central integrates with various third-party tools and systems, enhancing its functionality and allowing for a more customized IT management experience.

The platform is designed with scalability in mind, allowing MSPs to manage multiple clients and large networks efficiently. N-central's modular design enables MSPs to add or remove features as needed, ensuring that the platform can grow and adapt to changing business requirements. This flexibility makes N-central an ideal choice for MSPs looking to streamline their operations and deliver consistent, high-quality service to their clients.

Purpose

The purpose of this document is to provide a detailed overview of the architecture of N-central. This document aims to inform Managed Service Providers (MSPs) about the core components, functionalities, and advantages of the N-central solution. By understanding the architecture, MSPs can better grasp how the solution integrates into their IT environments, enhances remote monitoring and management capabilities, and ensures secure and efficient service delivery.

Target Audience

This document is intended for MSPs who are responsible for the deployment, management, and support of remote monitoring and management solutions within their client organizations. The target audience includes:

• IT Managers and Directors: Individuals overseeing IT operations and strategy within MSPs, who need to understand the technical capabilities and benefits of N-central.

• System Administrators: Professionals within MSPs responsible for the day-to-day management and maintenance of client IT systems, who require detailed knowledge of the solution's architecture to ensure optimal performance and security.

• Technical Support Engineers: Personnel within MSPs providing frontline support to clients, who need to be familiar with the solution's features and troubleshooting procedures.

• Network Engineers: Experts within MSPs in network design and management, who must understand how N-central interacts with client network infrastructure to maintain connectivity and performance.

By addressing the needs and concerns of these key stakeholders, this document aims to facilitate informed decision-making and effective implementation of N-central within diverse client IT environments.

N-central High-Level Architecture (N-central at a glance)

N-central follows a client-server architecture, where a central N-central Server communicates with various agents, probes, and client devices to provide monitoring, management, and automation services.

N-central offers two deployment options, on-premises and hosted, each catering to different organizational needs and preferences, whilst offering the same core capabilities.

• On-Premises (Self-hosted, using AWS and Azure): Install and run the N-central server on your own hardware within your organization's infrastructure. This option provides greater control over the environment, allowing for more customization and direct management of the server. It's ideal for organizations with specific security requirements or those that prefer to maintain their own IT infrastructure.

• Hosted: The hosted deployment, also known as N-central Cloud, runs the N-central server on N-able's cloud infrastructure. This option reduces the need for on-site hardware and maintenance, as N-able handles the server management, updates, and backups. It's a convenient choice for organizations looking for a scalable, cost-effective solution with less administrative overhead.

Core Components

At the heart of N-central’s functionality are several core components that work together to provide seamless IT management. These components include the

• N-central Server: The core system that manages data and communications.

  • Database Server: Stores all collected data, configurations, and logs, ensuring data integrity and availability for analysis and reporting.

  • Dashboard: The user interface for managing devices and viewing data.

• Agents: Installed on client devices to collect data and perform tasks.

• Probes: Network devices that monitor and manage network segments.

Additionally, N-central features APIs and integration layers that allow it to connect with third-party tools, extending its capabilities even further.

Together, these core components form a scalable and secure IT management ecosystem that enables MSPs to provide proactive IT services, improve operational efficiency, and maintain high levels of service quality across multiple client environments. The following sections explore each component in detail, highlighting its role within the N-central architecture.

N-central Server

The N-able N-central server is the "brains" of the system and contains a number of components including the Web Interface, Data Management System (DMS), Database, and other core system components. In addition to providing an interface for the Agents and Probes, the DMS is also the business logic layer of the application. All rules that govern how N-able N-central deals with data are executed at this level.

The N-able N-central server is an appliance designed to be able to communicate with agents and services over the internet. N-central should be protected through proper network security best practices aligned to your company policies such as placing the N-central server in a DMZ with proper firewall restrictions. The N-central UI and Agent communication ports are designed so that they can be split and secured independently (On by default for fresh installations). See Port access requirements for the ports that the N-able N-central server must have access to.

Probes and Agents

A Probe is a Windows application that resides on a system within a customer’s network, behind their firewall or within their private IP space. Probes provide network discovery, monitoring and management services for devices on that private network, leveraging industry standard protocols such as WMI, SNMP, ODBC, and others. In addition, the probes are capable of discovery and installing agents on compatible devices when configured.

An Agent is an additional software component that may be installed on a Microsoft, macOS, or Linux host device to gather data specific to that local device.

N-able N-central Probes and Agents communicate with the N-able N-central server using similar architecture and methods. The Probes and Agents leverage client-side initiated communications, where all data communications begin with an outbound call from the Agent or Probe.

As a direct result of this architecture, there is no public IP address or port forwarding required from the Internet to the devices running the Probes or Agents. The outbound communications from the Agents to the N-able N-central server are based on SOAP and XMPP, and are transmitted using the HTTPS protocols on the standard web ports. The nature of these communications allows for the support of standard proxies on the local network.

After the outbound session is established, the Agent receives a session ID that is used to identify that session, and it persists until the session is closed. The Agents and Probes will open a second (asynchronous) signaling channel leveraging the XMPP protocol (on port 5280 or 443) that is persistent to allow the N-able N-central server to signal the Agents and Probes when actions are necessary (such as to initiate a remote-control session). In cases where the XMPP session is terminated abnormally (for example, by a firewall cleaning open sessions), the Agent will re-create the session automatically.

N-able N-central leverages the XMPP (Extensible Messaging and Presence Protocol) based communications for control purposes only, not for the transmission of monitored data. It plays an important role in both Take Control and Direct Support Tools by ensuring quick and efficient communication between the N-central server, technicians, and managed devices. As an additional measure, the XMPP protocol can be turned off for individual devices or globally, however, this is not recommended as this will increase system load and will cause latency on certain N-able N-central features.

Communication Flow

Probe and Agent Communications: Client-side initiated communications using HTTPS protocols. Probes and Agents communicate with the N-central server using SOAP and XMPP, with data encrypted using TLS. This architecture ensures secure and efficient data transmission between components.

Probe as a Cache: Acts as a cache location for software installation files such as the Agent, AV Defender, Backup Manager, and Windows Patches. Agents communicate with the Probe over TCP 10004 using the .NET remote communication protocol. This caching mechanism reduces bandwidth usage and speeds up software deployments.

Database Server: A critical component of N-central, responsible for storing all system data. This includes device configurations, logs, monitoring data, and reports, ensuring that all collected information is securely maintained and readily accessible for analysis and reporting. By utilizing PostgreSQL as the database engine, the Database Server provides robust performance, reliability, and scalability. This setup ensures data integrity and availability, supporting the efficient operation of N-central's various functionalities.

Web-based User Interface: The Web-based User Interface (UI) is a crucial component of N-central, offering web console that allows administrators to manage and monitor devices. This intuitive interface provides a centralized view of all monitored devices and system activities. It supports role-based access control (RBAC), enabling multi-user access with varying levels of permissions based on their roles. This ensures that administrators can delegate tasks and responsibilities securely, maintaining control over who can access and modify different parts of the system. The web-based UI enhances the overall user experience by providing a seamless, accessible platform for comprehensive IT management.

Integration Layer (API & Webhooks): The Integration Layer of N-central is designed to enhance connectivity and automation through its API and webhooks. It provides a REST API that facilitates seamless third-party integrations with various tools, such as PSA (Professional Services Automation) platforms like MSP Manager, ConnectWise, and Autotask, ticketing systems, and billing platforms. This API enables administrators to extend N-central's capabilities by connecting it with other essential business applications, ensuring a cohesive IT management ecosystem. Additionally, webhooks allow for event-driven automation, enabling custom workflows that respond to specific triggers within the system. This functionality supports dynamic and automated processes, enhancing operational efficiency and responsiveness.

Summary

In conclusion, N-able N-central’s robust architecture illustrates N-central’s capabilities to ensure scalability, security, and operational efficiency to optimize workload distribution. N-central’s architecture provides a flexible, resilient, and cost-effective foundation for MSPs operations, for hosted enabling smooth cloud adoption while leveraging existing on-prem investments and balancing performance and security, utilizing the latest technologies and industry best practices, and safeguarding the sensitive data. N-central’s architecture’s key components have been optimized for expandability and resilience to ensure that N-central can handle enhanced traffic and data volume without compromising on the performance.

Appendices

• Security and privacy - N-able

• Port access requirements

• Security Guide

We'd love to hear your thoughts! If there's any additional information you'd like to see in this guide, please let us know through the feedback form below. Select No for "Did this topic help you?" and then choose Other reason not listed here to share your suggestions. Your input helps us improve. If you'd like us to follow up with an update, please provide your email address.