Open Ports Between Aternity Components

The Aternity solution requires several open ports so that its components can communicate with each other and so that monitored devices can send performance data. You typically need this information when configuring firewalls: when any two components are on opposite sides of a firewall, or when a server is protected by a firewall on the host computer, such as Windows Firewall.

Typical placement of firewalls for Aternity on-premise

To learn more about the placement of firewalls and other security considerations, see Choose the Network Topology Layout for Aternity.

Note

All open ports here are incoming ports only, where that component receives a request to open an incoming connection. Once open, the channel flows in both directions.

For example, the Data Warehouse Server sends a request to port 51098 on the Management Server, so port 51098 is an incoming port on the Management Server. Once the connection is established, the Management Server (through port 51098) exchanges data with the Data Warehouse Server in both directions.

Incoming ports to open on Aternity on-premise components

For more information on the functionality of each component, see Install Aternity on-premise 11.0.3.

Open Ports on the Aternity Management Server

The Aternity Management Server acts as Aternity's central server, which manages and integrates all the components. When users access Aternity to view the dashboards or configure it, they access this server via a browser.

We recommend that all the following ports are open for the Management Server.

| Port Number | Direction | Management Server connected to | Protocol | Purpose |
|---|---|---|---|---|
| 80 | Inbound | Aternity user | HTTP | Aternity user access to the system |
| 80 | Inbound | Aternity REST API Server | HTTP | Aternity role management to enable access. |
| 80 | Inbound | Aternity Data Source for Portal | HTTP | Aternity role management to enable access. |
| 80 | Inbound | Aternity Aggregation Server | HTTP | Enables indication that Aggregation Server is running. |
| 80 | Inbound | Aternity Data Warehouse Server | HTTP | Configures the system and preserves collected data |
| 443 | Inbound | Aternity user | HTTPS | Aternity user access to the system |
| 443 | Inbound | Aternity REST API Server | HTTPS | Aternity role management to enable access. |
| 443 | Inbound | Aternity Data Source for Portal | HTTPS | Aternity role management to enable access. |
| 51098 | Inbound | Aternity Aggregation Server | TCP | Receives performance data from devices and configures the Agent |
| 51098 | Inbound | Aternity Data Warehouse Server | TCP | Configures the system and preserves collected data |
| 51098 | Inbound | Aternity Docker Components Server | TCP | Legacy Messaging Broker |
| 60097 | Inbound | Aternity Aggregation Server | TCP | Receives performance data from devices and configures the Agent |
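The Management Server table above names a specific source for each inbound port, so a host or perimeter rule set can be checked against it. The following is an added example, not part of the Aternity documentation: it audits a list of inbound allow rules against that table. The component addresses and the rule list are constructed for illustration, and the component key names are hypothetical.

```python
from ipaddress import ip_network

# Inbound matrix for the Management Server, from the table above:
# port -> components that may initiate the connection.
MATRIX = {
    80: {"user", "rest_api", "portal_data_source", "aggregation", "data_warehouse"},
    443: {"user", "rest_api", "portal_data_source"},
    51098: {"aggregation", "data_warehouse", "docker_components"},
    60097: {"aggregation"},
}

# Constructed addressing plan (assumption, not from the page).
COMPONENT_NETS = {
    "user": "10.0.0.0/8",
    "aggregation": "10.20.0.10/32",
    "data_warehouse": "10.20.0.20/32",
    "rest_api": "10.20.0.30/32",
    "portal_data_source": "10.20.0.31/32",
    "docker_components": "10.20.0.40/32",
}

# Constructed inbound allow rules on the Management Server: (source CIDR, port).
RULES = [
    ("10.0.0.0/8", 80),
    ("10.0.0.0/8", 443),
    ("0.0.0.0/0", 51098),   # internal port exposed to any source
    ("10.0.0.0/8", 3389),   # port that is not in the matrix
]

def audit(rules):
    """Return (finding, port, detail) tuples for rules that deviate from MATRIX."""
    findings = []
    for src, port in rules:
        src_net = ip_network(src)
        if port not in MATRIX:
            findings.append(("unexpected-port", port, src))
            continue
        allowed = [ip_network(COMPONENT_NETS[c]) for c in MATRIX[port]]
        # The rule's source must fit inside one listed component's network.
        if not any(src_net.subnet_of(net) for net in allowed):
            findings.append(("source-too-broad", port, src))
    for port, components in MATRIX.items():
        for comp in sorted(components):
            need = ip_network(COMPONENT_NETS[comp])
            if not any(p == port and need.subnet_of(ip_network(s)) for s, p in rules):
                findings.append(("missing", port, comp))
    return findings

if __name__ == "__main__":
    for finding in audit(RULES):
        print(finding)
```

A rule whose source spans several listed components without fitting inside any single one is also reported as too broad; split such rules per component.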

Open Ports on the Aternity Aggregation Server and Third Party Load Balancer

An Aggregation Server gathers (aggregates) the data directly from the Agent for End User Devices on monitored devices, and passes it on to the Management Server.

Important

If your sizing requires that you deploy more than one dedicated Aternity Aggregation Server, you must deploy a third party load balancer (LB). Then configure the Agent for End User Devices of all devices to point to the LB's virtual IP address (learn more). Configure the LB with persistent (sticky) sessions to ensure the Agent maintains its connection with the same server. Aternity also supports sticky sessions when the LB implements stickiness via cookies.

There must always be a single address serving all these Aggregation Servers. Then open the port both on the Aggregation Servers to connect to the load balancer, and also on the load balancer to connect to monitored devices.

We recommend that all the following ports are open for the Aggregation Server and on the load balancer.

| Port Number | Direction | Aggregation Server or load balancer connected to | Protocol | Purpose |
|---|---|---|---|---|
| 80 | Inbound | Monitored devices with the Agent for End User Devices | HTTP | Receives performance data from devices and configures the Agent |
| 443 | Inbound | Monitored devices with the Agent for End User Devices | HTTPS | Receives performance data from devices and configures the Agent |

Open Ports on the Aternity Dashboard Server

The Dashboard Server displays Aternity's intuitive dashboards using Tableau as its engine. It presents the data from the Aternity Vertica Database Server.

We recommend that all the following ports are open for the Dashboard Server.

| Port Number | Direction | Dashboard Server connected with | Protocol | Purpose |
|---|---|---|---|---|
| 80 | Inbound | Aternity user access to the system | HTTP | View the Aternity dashboards |
| 443 | Inbound | Aternity user access to the system | HTTPS | View the Aternity dashboards |
| 8060 | Inbound | Management Server | TCP | System communication |
| 8088 | Inbound | Management Server | TCP | Configures Aternity, generates the dashboards and refreshes data |

Open Ports on the Aternity Oracle Database Server

The Aternity Oracle Database Server is an Oracle database which hosts the Aternity system settings, data model and performance data, after the Data Warehouse Server has summarized (aggregated) it.

We recommend that all the following ports are open for the Oracle Database Server.

| Port Number | Direction | Oracle Database Server connected with | Protocol | Purpose |
|---|---|---|---|---|
| 1158 (optional) | Inbound | Database administrator | TCP | Database Control tool access |
| 1521 | Inbound | Aternity Management Server | TCP | Configures and accesses the data collected by Aternity |
| 1521 | Inbound | Aternity Data Warehouse Server | TCP | Retrieves the processed data to display in the dashboards |
| 1521 | Inbound | Aternity REST API Server | TCP | Transfers data to be used by Aternity's REST API. |
| 1521 | Inbound | Aternity Data Source for Portal | TCP | Transfers data to be used in the SteelCentral Portal™. |
| 1521 | Inbound | Aternity Docker Components Server | TCP | Transfers data to be used by Aternity Docker Components Server |
| 1521 | Inbound | Aternity Dashboard Server | TCP | Retrieves and transfers the processed data to display in the dashboards |

Open ports on the Aternity Vertica Database Server

Vertica is a third-party column-store database optimized for large volume data analytics. The Aternity Vertica Database Server stores the performance data in the Vertica format, which is most efficient for displaying in Aternity dashboards. It receives its data from the Aternity Docker Components Server.

We recommend opening the following ports for the Aternity Vertica Database Server or cluster. Note that within a cluster, the ports must be open on each node.

For more complex deployments, see HP Vertica's port documentation.

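| Port Number | Direction | Vertica Database Server connected with | Protocol | Purpose |
|---|---|---|---|---|
| 5433 (fixed; do not change) | Inbound | Dashboard Server | TCP | Transfer data from the Vertica Database Server to the Dashboard Server |
| 5433 (fixed; do not change) | Inbound | Management Server | TCP | Management of database setup and update. |
| 5433 (fixed; do not change) | Inbound | Aternity Data Source for Portal | TCP | Transfer data from the Vertica Database Server to the Aternity Data Source |
| 5433 (fixed; do not change) | Inbound | Aternity Docker Components Server | TCP | Serves proper communication between Vertica Database Server and Aternity Docker Components Server |
| 22, 5434 | | Vertica's node to node communications in a cluster | TCP | If you have a cluster of Vertica databases, Vertica recommends not to deploy firewalls on the individual servers within the cluster (learn more). All nodes should be behind a firewall, but if you must use a firewall between nodes, ensure the required ports are open on each node. |
| 4803, 4804, 6543 | | Vertica's node to node communications in a cluster | UDP | If you have a cluster of Vertica databases, Vertica recommends not to deploy firewalls on the individual servers within the cluster (learn more). All nodes should be behind a firewall, but if you must use a firewall between nodes, ensure the required ports are open on each node. |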

Open Ports on the Aternity Docker Components Server

The Aternity Docker Components Server is the on-premise server that hosts all Aternity Docker services which provide multiple different functionalities to Aternity. Most components are mandatory, but you can choose to add or omit some of the optional components and their associated functionality.

Every port number in this table is the default, and is configurable on the Aternity Docker Components Server in the properties.ini file.

| Port Number | Direction | Aternity Docker Components Server allows to receive incoming connections from: | Protocol | Purpose |
|---|---|---|---|---|
| 60060 | Inbound | Management Server | HTTP | Serves for Agent management UI (Administration Pages). |
| 60100 | Inbound | Management Server | HTTP | Enables communication with SDA Engine |
| 60070 | Inbound | SteelCentral Portal™ | HTTP/HTTPS | Enables communication between the Aternity Data Source for Portal and the Management Server. |
| 60080 | Inbound | Aternity User | HTTP/HTTPS | Enables receiving REST API queries. |
| 60110 | Inbound | Management Server | HTTP | Enables communication with SDA Engine. |
| 60200 | Inbound | Management Server | HTTP | Enables communication with SDA Notification Sender. |
| 60300 | Inbound | Management Server | HTTP/HTTPS | Provides communication between the Management Server and the Agent |
| 2181 | Inbound | Management Server | TCP | Provides Health and administration for Messaging Broker. |
| 9094 | Inbound | Management Server, Aggregation Server, Data Warehouse Server, and internal docker components | TCP | Provides communication with Messaging Broker. |
| 9042 | Inbound | Management Server, Aggregation Server, Data Warehouse Server, and internal docker components | TCP | Reads/writes raw data from/to Raw Data Component. |

Communication with the Aternity Data Warehouse Server

The Data Warehouse Server, a mandatory component, does not have its own incoming ports, since it sends requests to open incoming ports on the Management Server and on the Oracle Database Server.

Open Ports on External Servers

There are Aternity feature options that require connections over standard ports to third party enterprise servers.

| Port Number | Direction | Server | Protocol | Purpose |
|---|---|---|---|---|
| 25 | Inbound | SMTP. When selecting a secured connection via SSL, then the default port is 465 and via TLS, the default port is 587 | TCP | Connect your enterprise email server to Aternity to send incident alerts via email (learn more). |
| 162 | Inbound | SNMP Ticketing Server | TCP | Connect SNMP ticketing system to Aternity to centrally collate incident alerts and system errors (learn more). |
| 389 | Inbound | LDAP User Directory | TCP | Connect LDAP server to Aternity to enable users to sign in to Aternity via Active Directory (learn more). |