Open Ports Between Aternity 10 Components

The Aternity solution requires several ports open between components to allow access to the system, to communicate between the system components, and for monitored devices to send performance data. Typically you need this information when configuring firewalls, if any two components are on opposite sides of a firewall, or if the server is protected by a firewall on the host computer, such as Windows Firewall.

Typical placement of firewalls for Aternity on-premise

To learn more about the placement of firewalls and other security considerations, see .

Note

All open ports here are incoming ports only, where that component receives a request to open an incoming connection. Once open, the channel flows in both directions.

For example, the Data Warehouse Server sends a request to port 51098 on the Management Server, hence there is an incoming port on the Management Server. Once established, the Management Server (through port 51098) sends and receives data to the Data Warehouse Server in both directions.

Incoming ports to open on Aternity on-premise components

For more information on the functionality of each component, see Install Aternity on-premise 10.

Open Ports on the Aternity Management Server

The Aternity Management Server acts as the system's central server, which manages and integrates all the system components. When users access Aternity to view the dashboards or configure the system, they access this server via a browser.

We recommend that all the following ports are open for the Management Server.

Port Number Direction Management Server connected to Protocol Purpose

80

Inbound

Aternity user

HTTP

Aternity user access to the system

Aternity REST API Server

Aternity role management to enable access.

Aternity Data Source for Portal

Aternity role management to enable access.

Aternity Aggregation Server

Enables indication that Aggregation Server is running.

Aternity Data Warehouse Server

Configures the system and preserves collected data

443

Inbound

Aternity user

HTTPS

Aternity user access to the system

Aternity REST API Server

Aternity role management to enable access.

Aternity Data Source for Portal

Aternity role management to enable access.

51098

Inbound

Aternity Aggregation Server

TCP

Receives performance data from devices and configures the Agent

Aternity Data Warehouse Server

Configures the system and preserves collected data

60097

Inbound

Aternity Aggregation Server

TCP

Receives performance data from devices and configures the Agent

Open Ports on the Aternity Aggregation Server and Third Party Load Balancer

An Aggregation Server gathers (aggregates) the data directly from Aternity Agents on monitored devices, and passes it on to the Management Server.

Important

If your sizing requires that you deploy more than one dedicated Aternity Aggregation Server, you must deploy a third party load balancer (LB). Then configure the Aternity Agent of all devices to point to the LB's virtual IP address (learn more). Configure the LB with persistent (sticky) sessions to ensure the Agent maintains its connection with the same server. Aternity also supports sticky sessions also when the LB implements stickiness via cookies.

There must always be a single address serving all these Aggregation Servers. Then open the port both on the Aggregation Servers to connect to the load balancer, and also on the load balancer to connect to monitored devices.

We recommend that all the following ports are open for the Aggregation Server and on the load balancer.

Port Number Direction Aggregation Server or load balancer connected to Protocol Purpose

80

Inbound

Monitored devices with the Aternity Agent.

HTTP

Receives performance data from devices and configures the Agent

443

Inbound

Monitored devices with the Aternity Agent

HTTPS

Receives performance data from devices and configures the Agent

Open Ports on the Aternity Dashboard Server

The Dashboard Server displays Aternity's intuitive dashboards using Tableau as its engine. It presents the data from the Aternity Vertica Database Server.

We recommend that all the following ports are open for the Dashboard Server.

Port Number Direction Dashboard Server connected with Protocol Purpose

80

Inbound

Aternity user access to the system

HTTP

View the Aternity dashboards

443

Inbound

Aternity user access to the system

HTTPS

View the Aternity dashboards

8060

Inbound

Management Server

TCP

System communication

8088

Inbound

Management Server

TCP

Configures the system, generates the dashboards and refreshes data

Open Ports on the Aternity Oracle Database Server

The Aternity Oracle Database Server is an Oracle database which hosts the Aternity system settings, data model and performance data, after the Data Warehouse Server summarized (aggregated) it.

We recommend that all the following ports are open for the Oracle Database Server.

Port Number Direction Oracle Database Server connected with Protocol Purpose

1158 (optional)

Inbound

Database administrator

TCP

Database Control tool access

1521

Inbound

Aternity Management Server

TCP

Configures the system and accesses the data collected by Aternity

Aternity Data Warehouse Server

Retrieves the processed data to display in the dashboards

Aternity ETL Server and

Transfers data to be converted to the Vertica database format,

Aternity REST API Server

Transfers data to be used by Aternity's REST API.

Aternity Data Source for Portal

Transfers data to be used in the SteelCentral Portal™.

Open ports on the Aternity Vertica Database Server

The Aternity Vertica Database Server stores the performance data from the past 31 days in the Vertica format, which is most efficient for displaying in Aternity dashboards. It receives its data from the Aternity ETL Server, which translates performance data from the Aternity Oracle Database Server to this server.

We recommend that the following port is open for the Aternity Vertica Database Server or cluster.

For more complex deployments, see HP Vertica's port documentation.

Port Number Direction Vertica Database Server connected with Protocol Purpose

5433 (fixed; do not change)

Inbound

ETL Server

TCP

Transfer data from the ETL Server to the Vertica Database Server

Dashboard Server

Transfer data from the Vertica Database Server to the Dashboard Server

Management Server

Management of database setup and update.

Aternity Data Source for Portal

Transfer data from the Vertica Database Server to the Aternity Data Source

22, 5434

Vertica's node to node communications in a cluster

TCP

If you have a cluster of Vertica databases, Vertica recommends not to deploy firewalls on the individual servers within the cluster (learn more).

4803, 4804, 6543

UDP

Open Ports on the Aternity REST API Server

The Aternity REST API Server is a component in Aternity on-premise which allows authorized users to send REST API queries to directly extract and analyze Aternity's data without accessing Aternity's dashboards. You can combine the data with other data sources if needed, or transform it as required, then view it in Microsoft Excel, Power BI, or your own data application.

Important

This component is optional, and only required if you use REST APIs.

Port Number Direction Aternity REST API Server connected with Protocol Purpose

60080 (default) configurable during setup

Inbound

User

HTTP

Enable sending of REST API queries

Open Ports on the Aternity Data Source

The Aternity Data Source for Portal provides Aternity data to the SteelCentral Portal™, so you can view end-user experience data in its dashboards. You can configure the Portal to connect to your Aternity Data Source.

Important

This component is optional, and only required if you want to access Aternity data in SteelCentral Portal™.

Port Number Direction Aternity Data Source connected with Protocol Purpose

8080 (default) configurable during setup

Inbound

User

HTTP

Enables SteelCentral Portal™ to access data from the Aternity Data Source (learn more).

Communication with the Aternity Data Warehouse Server

The Data Warehouse Server, a mandatory component, does not have its own incoming ports, since it sends requests to open incoming ports on the Management Server and on the Oracle Database Server.

Communication with the Aternity ETL Server

The ETL Server, a mandatory component, does not have its own incoming ports, since it sends requests to open incoming ports on the Oracle Database Server and on the Vertica Database Server.

Open Ports on External Servers

There are Aternity feature options that require connections over standard ports to third party enterprise servers.

Port Number Direction Server Protocol Purpose

25

Inbound

SMTP

TCP

Connect your enterprise email server to Aternity to send incident alerts via email (learn more).

162

Inbound

SNMP Ticketing Server

TCP

Connect SNMP ticketing system to Aternity to centrally collate incident alerts and system errors (learn more).

389

Inbound

LDAP User Directory

TCP

Connect LDAP server to Aternity to enable users to sign in to Aternity via Active Directory (learn more).