Carbon Black App Control Server software runs on standard, server-class Windows computers. It can be run on a dedicated system or as a virtual machine.

The Carbon Black App Control Server manages policies and rules, including software and device approvals and bans, and provides visibility into events and file activity on computers running Carbon Black App Control Agents. The Carbon Black App Control Console, a convenient, web-based user interface, provides access to the Carbon Black App Control Server from any connected computer.

The Carbon Black App Control Server database uses SQL Server, either on the same machine as Carbon Black App Control Server or on separate hardware. Key Carbon Black App Control data is accessible externally through a series of published views in the database that are part of the Live Inventory SDK. Carbon Black App Control events also can be output to a Syslog server or data analytics system for further analysis.

Integrating App Control with Active Directory

You may have already defined and named users, computers, and groups by using Microsoft Active Directory.

The Carbon Black App Control Server can take advantage of your Active Directory environment to set access privileges for users of the Carbon Black App Control Console, assign security policies to computers, provide user and computer metadata, and designate certain groups or users to be able to install software (and have it automatically approved) on agent-managed computers.

Unified Management of Multiple Servers

If you have multiple Carbon Black App Control Servers, you can centralize the management of those servers.

Unified Management allows you to specify that one server can control many common management functions not only for itself but for any of your other connected Carbon Black App Control Servers. You might choose this option to allow regional IT managers or security personnel to manage their own endpoints but have certain functions centrally managed on all servers in your organization. You might also choose to have different servers to manage different types of endpoints (for example, servers, desktops, POS systems).

See Unified Management of Multiple Servers for more details.