Use multiple Patch Manager servers to facilitate load balancing, fault tolerance, or the needs imposed by geographic distribution or securities boundaries within an enterprise. When you deploy multiple Patch Manager servers, consider the following as you design your deployment strategy.
In geographically distributed environments, deploy an additional Automation role server to each remote site. In this way, you enable these additional servers to facilitate client management and configuration processes on the local LAN of the target systems, instead of across the WAN.
Similarly, deploy additional Management role servers to each site to segregate management and data collection tasks as needed. Management role servers can also work in conjunction with the additional Application role servers to support remote system administrators.
In large environments with multiple subnets or large inventory requirements, deploy additional Application and/or Management role servers to optimize the Patch Manager environment. Use additional Application role servers to support multiple administration consoles. Use additional Management role servers to create smaller management groups for administration and reporting.
In environments that utilize Wake-on-LAN (WOL), deploy additional Automation role servers to facilitate WOL broadcasts for distributed systems. This helps administrators avoid the need to configure routers to support this functionality. It also increases the overall reliability by restricting WOL broadcasts to smaller, LAN-specific network domains.
In environments with open-port or bandwidth concerns, deploy additional Automation and/or Management role servers to limit these requirements. Use additional Application role servers to limit WAN communication to a single port: 4092, the port used for server-to-server communication. With an Automation role server on each LAN, the other ports required in the Patch Manager environment only have to be open on each LAN.
Similarly, use additional Management role servers to limit the amount of traffic travelling across the WAN. With a Management role server on each LAN, inventory data only has to cross the WAN if a Patch Manager administrator runs a report for that LAN from a remote site.