Tachyon Single-Server system
In the most basic setup there is a single server which hosts both a Master Stack and a Response Stack and this can be deployed by selecting the default settings in Tachyon Setup.
The following table shows the Tachyon Platform components, including Tachyon Master and Response Stacks, and also shows the DMZ Server discussed below.
| Subsystem | Component | Web application | Master Stack | Response Stack | DMZ Server |
|---|---|---|---|---|---|
| Tachyon Server | Tachyon Portal UI and Tachyon applications | Tachyon | 1 | ||
| Consumer API | Consumer | 1 | |||
| Coordinator service | 1 | ||||
| Tachyon Master database | 1 (optionally Remote) | ||||
| Experience | Experience database | 1 (optionally Remote) | |||
| Experience cube (requires SSAS) | 1 (optionally Remote) | ||||
| ActiveEfficiency | ActiveEfficiency Server | ActiveEfficiency | 1 (optional) | ||
| ActiveEfficiency database | 1 (optionally Remote) | ||||
| 1E Catalog | Catalog UI | CatalogWeb | 1 (optionally Remote) | ||
| Catalog API | CatalogWeb | ||||
| Catalog Update Service | |||||
| Catalog database | 1 (optionally Remote) | ||||
| SLA Platform | SLA Platform UI and SLA applications | Platform | 1 | ||
SLA Admin | Admin | 1 | |||
| SLA Engine | 1 | ||||
| SLA Integrate Services | 1 | ||||
| SLA Operations Provider API | CoreExternal | 1 | |||
| SLA databases (Data, Integrate, Shared) | 1 (optionally remote) | ||||
SLA Business Intelligence (for Patch Success) | MDX API | 1 | |||
| SLA-BI database | 1 (optionally Remote) | ||||
| SLA-BI cube (requires SSAS) | 1 (optionally Remote) | ||||
| Tachyon Server | Core | Core and CoreInternal | 1 | ||
| Background Channel | Background | 1 | 1 | ||
| Switch(es) (also includes a single Switch Host service) | up to 5 (optionally Remote) | up to 5 | |||
| Tachyon Responses database | 1 (optionally Remote) |
The picture opposite shows a Tachyon Single-Server System with databases optionally installed locally or on remote SQL Server instance(s). Components colored green are optional in a Tachyon system.
The Response Stack has can be installed on the same server as the Master Stack, and on remote servers.
The DMZ Server has only the Tachyon client facing components of the Response Stack: the Background Channel and Switches.
Tachyon applications and tools are consumers, and all consumers connect to the Tachyon Consumer API.
Tachyon Applications
The following are applications that work with Tachyon 5.0 and are installed using Tachyon Setup:
- Explorer - used to investigate, remediate issues and manage operations across all your endpoints in real-time
- Guaranteed State - ensures endpoint compliance to enterprise IT policies
- Inventory - used to view and export inventory, and manage associations (new in 5.0)
- Settings - used to configure Tachyon system and application settings
- Experience 1.0 - a separately licensed application that measures performance, stability and responsiveness for applications and devices to assess user experience across your enterprise
- Patch Success 1.2 - reports on and ensures successful patching of your enterprise
A typical Tachyon license will include all these applications except for Experience, which must be licensed separately.
All the above require 1E Client to be deployed to all in-scope devices, with Tachyon features enabled.
Patch Success requires SLA Business Intelligence to be installed, as described in Business Intelligence above. It also needs to get meta-data for patches from whichever of the following that you use to approve patches:
- Configuration Manager (SCCM) if it is configured to manage WSUS
- Windows Server Update Services (WSUS)
The following applications can be installed on the Tachyon platform. These applications have their own installers and are not installed using Tachyon Setup. You will need to ask for the application to be added to your license.
- AppClarity 7.0 - used to manage software license compliance, License Demand Calculations, license entitlements, and for reclaiming unused software
- Application Migration 3.0 - used to intelligently automate the migration of applications during a Configuration Manager OS deployment
The AI Powered Auto-curation feature provides automatic curation of new products which avoids having to manually add products or waiting for 1E Catalog to be updated. This optional feature requires additional memory on the Tachyon Server (Master Stack). Please refer to AI Powered Auto-curation: Internal memory requirements for SLA for details.
1E Catalog is used by the following Tachyon applications, and can therefore use AI Powered Auto-curation:
Tachyon Tools
The following are tools included in Tachyon 5.0. These tools are not installed using Tachyon Setup. They have either their own installers or are included in download zips.
- Tachyon Configuration Manager UI extensions - installed as part of the Tachyon Toolkit, this is a right-click extension for the Microsoft System Center Configuration Manager console that provides a graphical user interface for the user to browse and run an instruction on devices in a specified Collection
- Tachyon Run Instruction command-line tool - installed as part of the Tachyon Toolkit, it is used for sending instructions to the Tachyon server from a script or from a command prompt
- Tachyon Product Pack Deployment Tool - included in the Tachyon Platform zip ProductPacks folder
- Tachyon Instruction Management Studio (TIMS) - used for development of Tachyon instructions using the Tachyon SDK.
A typical Tachyon license allows use of all these tools.
Tachyon Multi-Stack system
The picture opposite shows a Tachyon Multi-Stack System. Here the Tachyon Master Stack communicates with one or more Tachyon Response Stacks. A local Response Stack is not mandatory. Components colored green are optional in a Tachyon system.
As with a single-server system, the databases are optionally installed locally or on remote SQL Server instances(s).
Tachyon components
Let's take a look at each of the Tachyon components in slightly more detail.
| Component | Description | |
|---|---|---|
IIS Components | The following components are IIS Web Applications that reside on a single-server. Under the Tachyon website:
* These applications are installed under the Default Web Site and then relocated by Tachyon Setup to support both HTTP and HTTPS. | |
Core | The Core is a Tachyon Response Stack component which has two web applications, Core and Core Internal, providing internal API and data processing. Core does the following:
Core Internal does the following:
| |
Background Channel | The Background Channel is a Tachyon Response Stack component which provides a means for the Tachyon clients to retrieve large data items from Tachyon without loading the Tachyon Switch:
| |
Switch | The Switch is a Tachyon Response Stack component which provides the following:
The Switch Host service is responsible for starting local Switches. | |
Tachyon Portal UI | Tachyon users browse to the Tachyon Portal to access Tachyon applications. Applications that are Tachyon built-in applications:
Applications that are optional:
| |
Tachyon Consumer API | The Tachyon Consumer API provides the following:
| |
Tachyon Coordinator | The Coordinator service is the coordinating service used by Tachyon components. It has two modules, Workflow and Instrumentation. The Workflow module provides the following:
The Instrumentation module processes instrumentation data from the following components:
And responds to requests for instrumentation data from the Consumer API. Supports the two-factor authentication feature, with email. | |
ActiveEfficiency | For Tachyon 4.1 onward Tachyon Setup supports optional installation of ActiveEfficiency Server to support Nomad. ActiveEfficiency can be installed on the Tachyon server for systems supporting up to 50,000 clients. Larger systems require separation of incoming client network traffic from Nomad and Tachyon. Therefore, either ActiveEfficiency or the Response Stack is installed on a separate server, or if both are installed on the same server there are additional networking and DNS requirements. There is no integration between ActiveEfficiency Server and Tachyon. ActiveEfficiency is installed by Tachyon Setup in order to provide support for both HTTP and HTTPS. Nomad 7.0 uses the ActiveEfficiency Server for the following features. Please click on the links below to learn more about configuring Nomad features and their prerequisites, which can be configured after installing ActiveEfficiency Server:
ActiveEfficiency Server is also used as an inventory repository by the following 1E solutions, which also require the ActiveEfficiency Scout as a connector to capture the data from Configuration Manager. Tachyon Setup does not install or configure the Scout.
| |
Catalog UI | The Catalog website used to view and interact with the Catalog. Tachyon Setup supports installation of 1E Catalog on the Tachyon Master Stack server. For customers that want to continue using an existing installation of 1E Catalog 2.0 then Tachyon Setup supports using a remote Catalog server as a custom setup option. Please contact 1E for details of how to use custom setup options. | |
Catalog Update Service | Service used to connect to the 1E Cloud Catalog in order to download the latest catalog entries. | |
Catalog API | Consumer API used to manage and update the 1E Catalog. | |
SLA Admin | Internal API used to manage the SLA Platform. | |
SLA Platform UI | The Platform website used to view and interact with the Inventory. Optionally supports Application Migration 2.5.200. | |
SLA Engine | The Engine service is the coordinating service used by SLA Platform components. This includes processing of Management Groups. | |
SLA Integrate Services | The Integrate Agent performs Connector functions by connecting to data sources and importing data into repositories. The Integrate Manager manages Agent operations including repository action schedules. | |
SLA Inventory | The inventory repositories. | |
SLA Operations Provider API | Consumer API and functions used by SLA Platform clients, including Application Migration and the AppClarity Software Reclaimer. The Software Reclaimer will be a feature in a future version of Tachyon. | |
MDX (BI) | Internal API used by Patch Success application. Business Intelligence is an optional component installed by Tachyon Setup on the Master Stack, and requires SQL Server Analysis Services (SSAS). Business Intelligence is a prerequisite for the Patch Success application to support efficient presentation of visualizations on a large scale. | |
Consumer applications | Tachyon Consumer applications are: Explorer, Guaranteed State, Patch Success and Settings Other Tachyon Consumers are Tachyon Configuration Manager extensions, and other toolkit features. SLA Platform also has its own Consumer applications: Application Migration, and in a future version also AppClarity. | |
SQL Server (Database Engine and Analysis Services) | Tachyon has two databases:
Experience has two databases:
Catalog has one database:
SLA Platform has three databases:
SLA BI has two databases:
ActiveEfficiency has one database:
| |
1E Client | Tachyon client runs on the devices you want to include in your Tachyon managed estate. Tachyon clients communicate with the Tachyon Switches and the Background Channel to provide responses to instructions (questions and actions). Tachyon client and its features are part of the 1E Client, which replaces the Tachyon Agent. 1E Client also includes: Nomad client, Shopping/WSA client, and WakeUp client. | |
Tachyon architecture for Internet-facing devices
Enabling Tachyon to support devices that are external to your company network is done by slightly extending the default single-server architecture.
The Responses Stack handles communications between the Master Stack and the Tachyon clients. The Background Channel and Switches components handle the direct communication with the Tachyon clients, the Core processes the information in both directions between the Master Stack and the Switches.
To enable external Tachyon client devices to interact with Tachyon you need to put the Background Channel and at least one Switch into the DMZ.
First, you need a working Tachyon system with a Response Stack that will provide the Core for the DMZ Server. The picture opposite shows a Response Stack and Master Stack on the same server, located on the internal network. This serves clients when they are connected to the internal network.
Then configure the internal firewall to allow two-way communication between each of the following:
- The Core on the Internal Response Stack and the Switch(es) in the DMZ
- The Coordinator on the internal Response Stack and the Switch(es) in the DMZ
- The Consumer API on the internal Master Stack and the Background Channel in the DMZ
Configure the external firewall to allow incoming connections for:
- The external Tachyon clients and the Background Channel in the DMZ
- The external Tachyon clients and the Switch(es) in the DMZ
After you have installed the DMZ Server in the DMZ, you need to make the following changes in the existing Tachyon system:
- The Tachyon Master database would need to be modified to enable Tachyon to recognize and additionally use the DMZ Background Channel and Switch(es) and raise the security level of the Core and Switch communications to use HTTPS.
- The configuration files for the Switch host on the Internal Tachyon Server and on the Tachyon Server in the DMZ would need to be changed to enable the Switch(es) to communicate with the Core.
- The configuration file for the Background Channel on the DMZ would need to be changed to enable the Background Channel to communicate with the Consumer API.
Detailed steps for the above process can be found on the Implementing a Tachyon DMZ Server page.
The DMZ picture shows a dual firewall design, but single firewall is also supported.
In the picture, components colored green are optional in a Tachyon system.
