Architecture

The drawing above indicates the connections between the user workstations, Enforcer provisioned systems (Active Directory: domain controllers, Microsoft Windows Local Accounts: Windows workstations or servers), and the EPAS MASTER or AGENT systems, in a deployment scenario for the EPAS Password Quality Enforcer. The arrows indicate the direction of the communication for all protocols mentioned.

The example above includes two different placement possibilities for the EPAS components, depending on the local security regulations: all components in the management network, or, should connections from the production network to the management network be prohibited, some components deployed in the production / server network.

The example layout also includes all the features provided by the EPAS Password Quality Enforcer, including high availability and verbose user notification for the new password refusal reason.

The red connections represent the links between the EPAS MASTER and the AGENT systems, used for management and synchronization functions.

The blue connections represent the links between the domain controllers where the EPAS Password Quality Enforcer DLL is installed and the EPAS components performing the password evaluation.

The green connections represent the links between the user workstation and the domain controllers; no connections to any EPAS components are necessary.