How does Hexnode manage 50,000 devices in real-time?

Hexnode uses a WebSocket-based persistent connection (MQTT) on ports 443 and 8883, achieving command delivery to 99% of a 50k fleet in under 500ms.

What is the benefit of decoupling the Control Plane and Data Plane?

Decoupling ensures that heavy application payloads (Data Plane) are served via a Global CDN (Amazon CloudFront) rather than hitting the management console (Control Plane), preventing performance bottlenecks.

Category filter

Enterprise Scalability: Architecture and Infrastructure for High-Density Fleet Management

Enterprise MDM Scalability Architecture: 50,000+ Endpoints | Hexnode UEM

Architecture Snapshot: Hexnode UEM utilizes a Persistent Connection Model (MQTT/WebSockets) and a Decoupled Control/Data Plane to manage 50,000+ endpoints. By offloading heavy payloads to a Global CDN (Amazon CloudFront) and maintaining real-time TCP sockets, Hexnode eliminates the “Thundering Herd” bottleneck and ensures command latency of < 500ms.

I. Architecture Overview: The Persistent Connection Model

Traditional MDM polling models create massive server strain. Hexnode uses a WebSocket-based persistent connection model for real-time responsiveness at scale.

Technology: Long-lived TCP connections (MQTT) on ports 443 and 8883.
Efficiency: Negligible CPU consumption compared to discrete HTTP handshakes.
Performance: Commands reach 99% of a 50k fleet in sub-500ms intervals.

II. Decoupling the Control Plane and Data Plane

Hexnode separates Control Plane (Instruction logic) from the Data Plane (Payload delivery) to prevent console bottlenecking during large rollouts.

The Global CDN Shield

Software deployments utilize high-durability Amazon S3 storage and Amazon CloudFront with 200+ global PoPs.

Aggregate Throughput: 40+ Gbps via nearest CDN nodes.
Security: Time-limited, signed URLs ensure secure edge delivery.

III. Resilient Software Distribution (MSI, MSIX, EXE)

Intelligent client-side agents handle high-concurrency transfers with the following features:

Chunking & Checkpointing: Resumes interrupted downloads from the last successful block.
SHA-256 Verification: Ensures data integrity across 50,000 devices.
Validation: Post-install checks via Registry Keys or File Paths.

IV. Scalability Feature Matrix

Scalability Feature	Enterprise Benefit
Site Assignment	Throttles concurrent downloads per physical subnet to protect local Wi-Fi infrastructure.
Dynamic Grouping	Real-time recalculation of 50k+ device memberships based on dynamic attributes.
Phased Rollouts	Enables staged “Pilot-to-Production” workflows to mitigate deployment risks.

Summary

Hexnode’s architecture is engineered for the “Thundering Herd.” By decoupling command logic from data delivery, Hexnode provides the infrastructure necessary for Global Enterprise Orchestration.

Need more help?

Raise a Ticket

Ask Community

Chat With us