Information that will help you design and plan deployment of 1E Client in your organization. Includes infrastructure dependencies for each 1E product supported by the 1E Client.

 Please refer to the relevant 1E product documentation for more detail.

This page is part of the design phase of implementation.

1E Client is deployed as part of one or more 1E Solutions. You should review documentation for whichever 1E Solutions you are licensed to use, to help you decide which 1E Client features to configure, determined by which server systems are used. 

On this page:

1E Client features and modules

You will need to decide which client features and modules to enable and configure. Unless otherwise stated, modules are only available on Windows computers. Please refer to Supported Platforms for details of supported OS platforms.

Feature/moduleDescriptionInfrastructure dependencies
1E ClientThis is the main service that determines which features and modules are enabled, including uninstallation of legacy versions of the 1E clients listed below.
Tachyon client

1E Client feature which replaces Tachyon Agent to support Tachyon 4.1 and later but will work with earlier versions of Tachyon Server.

Must be enabled on each end-user device to provide Real-time and Inventory features to support the following Tachyon applications: Explorer, Experience, Guaranteed State, Patch Success, Application Migration, and AppClarity. Also required to support Tachyon integration with NightWatchman and Nomad.

Supports Windows and non-Windows devices.

Full Tachyon infrastructure including Master and Response Stacks.

See Tachyon infrastructure below.

Shopping client

1E Client module which replaces Shopping Agent and Windows Servicing Assistant (WSA) to support Shopping 5.5.200 and later. This version contains hotfixes.

Must be enabled on each end-user device to support access to the Shopping web portal, and WSA features to support OS rebuilds and upgrades.

Shopping Central website and Shopping Receiver services are required, as described in Shopping infrastructure below.
WakeUp client

1E Client module which replaces WakeUp Agent to support WakeUp Server 7.2.500 and later. This version contains hotfixes.

Must be enabled on each end-user device to support Wake-on-LAN and Configuration Manager policy refresh. Also integrates with the 1E NightWatchman Agent.

WakeUp Servers are required, as described in NightWatchman and WakeUp infrastructure below.
Nomad client

1E Client module which replaces the NomadBranch client to support Nomad 7.0 and later, as well as Tachyon clients use of the Nomad content download feature.

Must be enabled on each end-user device to provide bandwidth efficient download of content for Tachyon clients, as well as Configuration Manager clients. It is optionally used by PXE Everywhere.

ActiveEfficiency Server is required for several Nomad features, as described in Nomad infrastructure below.

All modules including the Tachyon client feature can be optionally enabled during deployment of the 1E Client or after deployment by enabling features in its configuration file.

1E Client deployment

You will need to plan the deployment of 1E Client using whichever software deployment tools you have. For details of interactive and command-line installation, please refer to Deploying 1E Client on Windows.

The 1E Client Deployment Assistant (CDA) can be used with Microsoft System Center Configuration Manager to deploy 1E Client, and also 1E NightWatchman Agent and PXE Everywhere.

Upgrading to 1E Client

Upgrading from 1E Client 4.1 to 1E Client 5.0 simply requires deploying the new version, using the same or different configuration settings.

If you are upgrading from Tachyon Agent, Shopping Agent, NomadBranch and/or 1E Agent (for NightWatchman and WakeUp) then please refer to Upgrading to 1E Client.

Supported Platforms

All 1E Client features are supported on the following Windows OS:


  • Windows Server 2019
  • Windows Server 2016
  • Windows 10 CB 21H1
  • Windows 10 CB 20H2
  • Windows 10 CB 2004
  • Windows 10 CB 1909
  • Windows 10 CB 1903
  • Windows 10 CB 1809
  • Windows 10 CB 1803
  • Windows 10 CB 1709
  • Windows 8.1

Professional and Enterprise editions of Windows 10 are supported.

The 1E Client for Windows zip is available for download from the 1E Support Portal.

All versions are provided with 32-bit & 64-installers, and can be installed on physical and virtual computers.

This list is automatically updated to show only those OS versions in mainstream support by Microsoft, and therefore supported by 1E, and by 1E Client 5.0. However the following OS continue to be supported as exceptions to help customers during their migration to the latest OS:

  • Windows Server 2012 R2
  • Windows 7 SP1

Please refer to Constraints of Legacy OS regarding end of mainstream support.

For Microsoft product lifecycle details, please refer to

Please refer to for details of which Current Branch versions are supported by 1E products, and known issues regarding specific versions.

The Tachyon client features of 1E Client are supported on the following non-Windows OS:


  • macOS Catalina 10.15
  • macOS Mojave 10.14
  • macOS High Sierra 10.13


  • CentOS 7
  • Red Hat Enterprise Linux 7.1
  • SUSE Linux Enterprise (SLES) 12
  • Ubuntu 14.04


  • Solaris 11.3

1E Client supports only Tachyon features on non-Windows devices.

Other versions of these non-Windows OS should work but have not been tested by 1E.

The 1E Client for non-Windows zip is available for download from the 1E Support Portal, and includes 1E Client packages for the following architectures:

  • Linux variations on Intel 64-bit platforms
  • Solaris on Intel 64-bit and SPARC platforms

Also included in the download are 1E Client packages for the following legacy Linux distributions:

  • Fedora 21
  • openSUSE Leap 42.1

1E Client packages for other Linux distributions can be requested, including Raspbian for Raspberry Pi, and Debian.

The Tachyon client features of 1E Client are supported on the following mobile OS:


  • Android Pie 9.0
  • Android Oreo 8.1
  • Android Oreo 8.0

1E Client supports only Tachyon features on non-Windows devices.

Other versions of these mobile OS should work but have not been tested by 1E.

The 1E Client for Android zip is available for download from the 1E Support Portal, and includes 1E Client packages for the following architectures:

  • Android ARM

Tachyon infrastructure dependencies

Please refer to Tachyon 5.0 documentation for more details.

If you intend using Tachyon for its Real-time, Inventory, Patch Success, or Guaranteed State features, then you require at least one Tachyon Server and a Tachyon license.

Organizations with less than 50000 devices will typically have a single-server system with one Tachyon Switch, but there may be reasons why a more complex configuration would be required. Key factors are the location of servers and how devices and users will connect to them.

Every Tachyon system has a single Master Stack, which provides web services for Tachyon applications.

Tachyon Real-time features requires Response Stacks, and optional DMZ Servers. Each Response Stack has a Tachyon Core component that supports an associated set of up to five Tachyon Switches, which is the primary mechanism for rapidly requesting and retrieving responses from the Tachyon clients. As each Switch can handle up to 50,000 devices there is a limit of 250,000 devices per Response Stack.

The Tachyon Switches may be local or remote to the other components in the Response Stack. Tachyon, Catalog, SLA and BI databases are installed on SQL Server database instance(s) that may also be local or remote to their respective Master or Response Stacks. It is also possible for multiple Response Stacks to share the same Responses database. The Experience and BI cubes are installed on a local or remote SQL Server Analysis Services (SSAS) instance.

PKI and certificates

Client-Switch communication uses WebSocket Secure protocol, whereby each Tachyon client establishes a secure link to the Switch which is then used by the Switch to send instructions to the Tachyon client. This is shown as a dotted line in the pictures in the Communication Ports page.

All other communications from external devices use HTTPS, including Tachyon client connecting to the Background Channel in order to download resources that may be required by instructions, and using the Tachyon Portal to administer and use the system.

All communication is encrypted, which requires a Public Key Infrastructure (PKI). More specifically, PKI is required for:

You can use Tachyon Setup to install Tachyon Server so it does not require Tachyon clients to present certificates to the Tachyon Switch. The Platform can be reconfigured later to re-enable use of client certificates when your environment is ready. The Tachyon Server requires a Web Server certificate. If this is an issue for you then please contact 1E.


In addition to PKI and network requirements, other infrastructure dependencies are:

  • DNS - each Tachyon Server requires a DNS Name, this is also useful for ActiveEfficiency Server if it is installed
  • Active Directory - for installation and user accounts; Tachyon can be configured to use LDAP but uses GC by default
  • IIS - a standard configuration required on each Tachyon Server
  • SQL Server - for Tachyon Master and Response Stack databases, Catalog SLA and BI databases, and ActiveEfficiency if installed
  • SQL Analysis Services - must be installed in multi-dimensional mode, for Business Intelligence (SLA BI cube) required by Patch Success
  • Email - optional for approval and notification emails, but required if using two-factor authentication (2FA)
  • Internet access - the Master Stack requires access to the 1E license service via the Internet in order to keep the Tachyon license activated, and 1E Catalog requires access to the 1E Catalog Cloud service to download Catalog updates

For more detail about client certificates, please refer to Tachyon client requirements: Client Certificates.

Downloading Tachyon client content and Nomad integration 


Tachyon client downloads content from the Tachyon Background Channel. Content is mainly scripts and other files required by Tachyon instructions. It also includes client resources such as extensible modules, providers, and other dependencies to maintain the 1E Client. In most cases, client resources are version controlled to prevent repeated downloads. Tachyon instructions always request a download even if they have run an instruction before, unless the content for that instruction has been cached in memory.

You may need to consider the impact on the network if there is a large amount of content included in an instruction. This is more of an operational consideration instead of a design consideration.

1E Nomad is an optionally licensed component of the 1E Client. It makes software deployment, patching and downloading content more efficient and reduces the impact on the network. It removes the need for remote Distribution Point servers in Microsoft System Center Configuration Manager systems. When Nomad is installed on computers it automatically elects a peer to download content from a server over the WAN and then peer-shares the content with other PCs at the same location. The downloaded content is cached locally on each PC in case it is needed again.

Tachyon can optionally use Nomad to download content from servers irrespective of whether Nomad is integrated with Configuration Manager or not, and also uses advanced Nomad features which use ActiveEfficiency.

Nomad integration disabled

If Nomad integration is not used, the following apply:

  • Tachyon client waits a randomized stagger period defined by its DefaultStaggerRangeSeconds setting, and then downloads content from the specified Background Channel.
  • Tachyon client retains modules and extensibles that it has downloaded, but does not retain instruction scripts after they have been run. Any instruction that requires a script or other file will download the latest version each time the instruction is run.

Nomad integration enabled

Nomad integration is available on Windows PC devices and is enabled by default, but can be disabled during installation of the 1E Client.

With the Nomad integration feature enabled, Tachyon client will detect if Nomad v6.0.100 or later version is running on the device.

  • Tachyon client immediately requests Nomad to download content from the specified HTTP source such as the Background Channel. Nomad behaves in the same way as it does with Configuration Manager by ensuring the latest version of content is obtained and electing a master to perform the actual download.
  • Nomad maintains its own cache of downloaded content which avoids the need for repeat downloads over the WAN, and provides content to peers that require the same resources which avoids peer devices having to download over the WAN.

  • If the Nomad integration feature is enabled, and requested content is not provided within the timeout period, the Tachyon client will fall back to downloading directly from the HTTP source. The most likely reason for a timeout is if Nomad is busy downloading other content.

To use Nomad, there is no special configuration of Tachyon Servers. The Background Channel is a web application on the Tachyon Server which uses HTTPS and default port is 443. The URL for the Background Channel is defined in the 1E Client configuration file and is specified during installation of the 1E Client if Tachyon features are enabled. The Tachyon client passes this URL to Nomad when it requests content to be downloaded. Instructions can also specify other HTTP sources.

Nomad does not need to be configured to use certificates in order to communicate with the Background Channel (the Nomad CertIssuer and CertSubject settings are used only with Configuration Manager Distribution Points that are configured to validate device certificates).

Nomad Single-Site Download (SSD) feature uses ActiveEfficiency Server to further reduce the impact downloading content over the WAN.

Shopping infrastructure dependencies

Please refer to Shopping 5.6 documentation for more details.

Shopping requires an ActiveEfficiency Server, and ActiveEfficiency Scout to import data from Configuration Manager into ActiveEfficiency.

A Shopping solution requires a Shopping Central server on a web server, and a Shopping Receiver installed on each Configuration Manager Site server that has client reporting to it, and on a CAS if using Shopping for OS Deployment.

If users are using Edge or Metro browsers then you must enable the loopback feature. This feature implements a mechanism for passing information between the Shopping client, the browser's secure sandboxed environment and the local machine. This mechanism affects these browsers as a whole and is not just restricted for use by Shopping.

Before enabling the loopback feature, check your security policy on enabling loopback and be aware of the implications of allowing access between browsers and the local machine.

NightWatchman and WakeUp infrastructure dependencies

Please refer to NightWatchman Enterprise 7.2.500 documentation for more details.

A NightWatchman Management Center server is required if implementing NightWatchman or WakeUp solutions. 

If implementing WakeUp, or Nomad integration with WakeUp, then you require at least one WakeUp Server. If you have Configuration Manager you require a WakeUp Server on each Site server that has clients reporting into it. If you do not have Configuration Manager you require one or more independent WakeUp Servers.

1E NightWatchman Agent is a separately installed client agent, that can optionally be used to help with power management of computers. It is not included in 1E Client, but is included in the 1E Client Deployment Assistant (CDA) which assists with deploying Windows versions of 1E clients via Configuration Manager. When 1E NightWatchman Agent is installed alongside the WakeUp client it will optionally manage the computer returning to its original power state after being woken using 1E WakeUp and the computer is not busy, for example installing patches.

Web WakeUp is an optional server component that is typically installed on the NightWatchman Management Center server. It is a web portal for users and administrators to search for computers to wake. It optionally provides a remote desktop link to the woken computer.

Nomad infrastructure dependencies

Please refer to Nomad 7.0 documentation for more details.

In addition to deploying 1E Client (with Nomad client module enabled) on all computers and on Configuration Manager Distribution Points, the following are also required:

  • Nomad tools installed on Configuration Manager sites and SMS Providers
  • Nomad Configuration Manager Console extensions on Configuration Manager site servers any other computer that has the Configuration Manager Console installed

As explained above, Nomad can be used for downloading content for Tachyon clients, as well as Configuration Manager clients.

Although not a requirement for generally using Nomad, ActiveEfficiency Server must be installed and available before you can use certain Nomad features.

The following Nomad features require ActiveEfficiency:

Hotfix requirement

If you will be using any of these features with Nomad 7.0 you must install ActiveEfficiency 1.10 with the latest accumulated hotfix available on the 1E Support Portal (

PXE Everywhere is a separately installed client agent, that can be optionally used to help with OS Deployment. It is not included in 1E Client, but is included in the 1E Client Deployment Assistant (CDA) which assists with deploying Windows versions of 1E clients via Configuration Manager. PXE Everywhere does not depend on Nomad but is often used with Nomad. Nomad helps with distribution of PXE boot images via Configuration Manager.