Table of contents Open Ports Between Aternity on-premise 9.0.2 / 9.0.3 Components The Aternity solution requires several ports open between components to allow access to the system, to communicate between the system components, and for monitored devices to send performance data. Typically you need this information when configuring firewalls, if any two components are on opposite sides of a firewall. Typical placement of firewalls for Aternity on-premise You can deploy all Aternity on-premise components on a single PC as a small demo if needed, or you can spread different components on separate computers. The number of servers and their layout (network topology) depends on the size of your deployment. To decide on the placement of firewalls and other security considerations, see Choose the Network Topology Layout for Aternity on-premise 9.0.2 / 9.0.3. Open ports and direction of the connections between Aternity on-premise components For more information on the functionality of each component, see Install Aternity on-premise 9.0.2 / 9.0.3. Open Ports on the Aternity Management Server The Aternity Management Server acts as the system's central server, which manages and integrates all the system components. Users access this server via a browser to configure the system and view the dashboards. Port Number Direction Management Server connected with Protocol Purpose 25 (optional) Outbound to Email Server TCP Sends incident alerts via SMTP 389 (optional) Outbound to LDAP Server TCP Authenticates users and accesses user attributes from the LDAP server (for example, the user's department) 162 (outbound only, optional) Outbound to SNMP Server UDP Sends incident alerts via SNMP 80 Inbound from Aternity user HTTP Aternity user access to the system 443 Inbound from Aternity user HTTPS Aternity user access to the system 58093 (optional) Inbound from Aternity user TCP Very rare, advanced configuration 80 Inbound from Aternity Aggregation Server HTTP Sends performance data from devices, plus configures the Agent 51098 Inbound from Aternity Aggregation Server TCP Sends performance data from devices, plus configures the Agent 60097 Inbound from Aternity Aggregation Server TCP Sends performance data from devices, plus configures the Agent 1521 Outbound to Aternity Database Server TCP Configures the system and accesses the data collected by Aternity 8088 Outbound to Aternity Dashboard Server TCP Configures the system, generates the dashboards and refreshes data 80 Inbound from Aternity Data Warehouse Server HTTP Configures the system and preserves collected data 51098 Inbound from Aternity Data Warehouse Server TCP Configures the system and preserves collected data 58093 Inbound from Aternity Data Warehouse Server TCP Configures the system and preserves collected data 80 Outbound to Aternity Analytics Server HTTP Configures the system, calculates the performance status, calculates scores, and generates incidents. Also preserves collected data 51098 Outbound to Aternity Analytics Server TCP Configures the system, calculates the performance status, calculates scores, and generates incidents. Also preserves collected data 60097 Outbound to Aternity Analytics Server TCP Configures the system, calculates the performance status, calculates scores, and generates incidents. Also preserves collected data Open Ports on the Aternity Aggregation Server or third party load balancer An Aggregation Server gathers (aggregates) the data directly from Aternity Agents on monitored devices, and passes it on to the Management Server. Important If you deploy more than one dedicated Aternity Aggregation Server, you must deploy a third party load balancer (LB). Then configure the Aternity Agent of all devices to point to the LB's virtual IP address. Configure the LB with persistent (sticky) sessions to ensure the Agent maintains its connection with the same server. There must always be a single address serving all these Aggregation Servers. Port Number Direction Aggregation Server connected with Protocol Purpose 80 Inbound from Monitored devices with the Aternity Agent HTTP Sends performance data from devices, plus configures the Agent 443 Inbound from Monitored devices with the Aternity Agent HTTPS Sends performance data from devices, plus configures the Agent 80 Outbound to Aternity Management Server HTTP Sends performance data from devices, plus configures the Agent and the system 51098 Outbound to Aternity Management Server TCP Sends performance data from devices, plus configures the Agent and the system 60097 Outbound to Aternity Management Server TCP Sends performance data from devices, plus configures the Agent and the system Open Ports on the Aternity Dashboard Server and Dashboard Worker Servers The Dashboard Server displays Aternity's intuitive dashboards using Tableau as its engine. It presents the raw data (from the Data Warehouse Server) and the older aggregated data (from the Database Server). Larger on-premise deployments require one or more additional Aternity Dashboard Worker Servers to display dashboards more efficiently. The Aternity Dashboard Worker Server accepts much of the intensive processing required to create dashboards, enabling larger Aternity on-premise deployments to display dashboards more efficiently. Important Larger deployments which have one or more Dashboard Worker Servers helping the Dashboard Server should always allow all ports required to be open between the computers. Tableau's documentation states that they use numerous ports between them, and may use additional dynamically allocated ports. For more information, see Tableau's ports documentation. We recommend that all the following ports are open for both the Dashboard Server and Dashboard Worker Servers. Port Number Direction Dashboard Server connected with Protocol Purpose 80 Inbound from Aternity user access to the system HTTP View the Aternity dashboards 443 Inbound from Aternity user access to the system HTTPS View the Aternity dashboards 8088 Inbound from Aternity Management Server TCP Configures the system and generates the dashboards 1521 Outbound to Aternity Database Server TCP Transfers the data to display in dashboards Open Ports on the Aternity Database Server The Aternity Database Server is an Oracle database which houses the Aternity system settings and the performance data from the past 1-2 years, aggregated by the Data Warehouse Server. Port Number Direction Database Server connected with Protocol Purpose 1158 (optional) Inbound from Database administrator HTTP Database control 1521 Inbound from Aternity Management Server TCP Configures the system and accesses the data collected by Aternity 1521 Inbound from Aternity Data Warehouse Server TCP Retrieves the processed data to display in the dashboards 1521 Inbound from Aternity Dashboard Server and Dashboard Worker Server TCP Transfers data to display in the dashboards Open Ports on the Aternity Data Warehouse Server The Data Warehouse Server stores the raw data gathered from the Aggregation Servers, and aggregates (summarizes) it for the Database Server. Port Number Direction Data Warehouse Server connected with Protocol Reason 80 Outbound to Aternity Management Server HTTP Configures the system and preserves collected data 51098 Outbound to Aternity Management Server TCP Configures the system and preserves collected data 58093 Outbound to Aternity Management Server TCP Configures the system and preserves collected data 1521 Outbound to Aternity Database Server TCP Transfers data to display in the dashboards Open Ports on the Aternity Analytics Server The Analytics Server (or RCA server), calculates an activity's performance baselines, its score and status, and detects the occurrence of incidents. It is on the same computer as the Management Server. Port Number Direction Analytics Server connected with Protocol Reason 80 Inbound from Aternity Management Server HTTP Configures the system, calculates the performance status, calculates scores, and generates incidents 51098 Inbound from Aternity Management Server TCP Configures the system, calculates the performance status, calculates scores, and generates incidents 60097 Inbound from Aternity Management Server TCP Configures the system, calculates the performance status, calculates scores, and generates incidents Parent topic Choose the Network Topology Layout for Aternity on-premise 9.0.2 / 9.0.3 Related Links
Open Ports Between Aternity on-premise 9.0.2 / 9.0.3 Components The Aternity solution requires several ports open between components to allow access to the system, to communicate between the system components, and for monitored devices to send performance data. Typically you need this information when configuring firewalls, if any two components are on opposite sides of a firewall. Typical placement of firewalls for Aternity on-premise You can deploy all Aternity on-premise components on a single PC as a small demo if needed, or you can spread different components on separate computers. The number of servers and their layout (network topology) depends on the size of your deployment. To decide on the placement of firewalls and other security considerations, see Choose the Network Topology Layout for Aternity on-premise 9.0.2 / 9.0.3. Open ports and direction of the connections between Aternity on-premise components For more information on the functionality of each component, see Install Aternity on-premise 9.0.2 / 9.0.3. Open Ports on the Aternity Management Server The Aternity Management Server acts as the system's central server, which manages and integrates all the system components. Users access this server via a browser to configure the system and view the dashboards. Port Number Direction Management Server connected with Protocol Purpose 25 (optional) Outbound to Email Server TCP Sends incident alerts via SMTP 389 (optional) Outbound to LDAP Server TCP Authenticates users and accesses user attributes from the LDAP server (for example, the user's department) 162 (outbound only, optional) Outbound to SNMP Server UDP Sends incident alerts via SNMP 80 Inbound from Aternity user HTTP Aternity user access to the system 443 Inbound from Aternity user HTTPS Aternity user access to the system 58093 (optional) Inbound from Aternity user TCP Very rare, advanced configuration 80 Inbound from Aternity Aggregation Server HTTP Sends performance data from devices, plus configures the Agent 51098 Inbound from Aternity Aggregation Server TCP Sends performance data from devices, plus configures the Agent 60097 Inbound from Aternity Aggregation Server TCP Sends performance data from devices, plus configures the Agent 1521 Outbound to Aternity Database Server TCP Configures the system and accesses the data collected by Aternity 8088 Outbound to Aternity Dashboard Server TCP Configures the system, generates the dashboards and refreshes data 80 Inbound from Aternity Data Warehouse Server HTTP Configures the system and preserves collected data 51098 Inbound from Aternity Data Warehouse Server TCP Configures the system and preserves collected data 58093 Inbound from Aternity Data Warehouse Server TCP Configures the system and preserves collected data 80 Outbound to Aternity Analytics Server HTTP Configures the system, calculates the performance status, calculates scores, and generates incidents. Also preserves collected data 51098 Outbound to Aternity Analytics Server TCP Configures the system, calculates the performance status, calculates scores, and generates incidents. Also preserves collected data 60097 Outbound to Aternity Analytics Server TCP Configures the system, calculates the performance status, calculates scores, and generates incidents. Also preserves collected data Open Ports on the Aternity Aggregation Server or third party load balancer An Aggregation Server gathers (aggregates) the data directly from Aternity Agents on monitored devices, and passes it on to the Management Server. Important If you deploy more than one dedicated Aternity Aggregation Server, you must deploy a third party load balancer (LB). Then configure the Aternity Agent of all devices to point to the LB's virtual IP address. Configure the LB with persistent (sticky) sessions to ensure the Agent maintains its connection with the same server. There must always be a single address serving all these Aggregation Servers. Port Number Direction Aggregation Server connected with Protocol Purpose 80 Inbound from Monitored devices with the Aternity Agent HTTP Sends performance data from devices, plus configures the Agent 443 Inbound from Monitored devices with the Aternity Agent HTTPS Sends performance data from devices, plus configures the Agent 80 Outbound to Aternity Management Server HTTP Sends performance data from devices, plus configures the Agent and the system 51098 Outbound to Aternity Management Server TCP Sends performance data from devices, plus configures the Agent and the system 60097 Outbound to Aternity Management Server TCP Sends performance data from devices, plus configures the Agent and the system Open Ports on the Aternity Dashboard Server and Dashboard Worker Servers The Dashboard Server displays Aternity's intuitive dashboards using Tableau as its engine. It presents the raw data (from the Data Warehouse Server) and the older aggregated data (from the Database Server). Larger on-premise deployments require one or more additional Aternity Dashboard Worker Servers to display dashboards more efficiently. The Aternity Dashboard Worker Server accepts much of the intensive processing required to create dashboards, enabling larger Aternity on-premise deployments to display dashboards more efficiently. Important Larger deployments which have one or more Dashboard Worker Servers helping the Dashboard Server should always allow all ports required to be open between the computers. Tableau's documentation states that they use numerous ports between them, and may use additional dynamically allocated ports. For more information, see Tableau's ports documentation. We recommend that all the following ports are open for both the Dashboard Server and Dashboard Worker Servers. Port Number Direction Dashboard Server connected with Protocol Purpose 80 Inbound from Aternity user access to the system HTTP View the Aternity dashboards 443 Inbound from Aternity user access to the system HTTPS View the Aternity dashboards 8088 Inbound from Aternity Management Server TCP Configures the system and generates the dashboards 1521 Outbound to Aternity Database Server TCP Transfers the data to display in dashboards Open Ports on the Aternity Database Server The Aternity Database Server is an Oracle database which houses the Aternity system settings and the performance data from the past 1-2 years, aggregated by the Data Warehouse Server. Port Number Direction Database Server connected with Protocol Purpose 1158 (optional) Inbound from Database administrator HTTP Database control 1521 Inbound from Aternity Management Server TCP Configures the system and accesses the data collected by Aternity 1521 Inbound from Aternity Data Warehouse Server TCP Retrieves the processed data to display in the dashboards 1521 Inbound from Aternity Dashboard Server and Dashboard Worker Server TCP Transfers data to display in the dashboards Open Ports on the Aternity Data Warehouse Server The Data Warehouse Server stores the raw data gathered from the Aggregation Servers, and aggregates (summarizes) it for the Database Server. Port Number Direction Data Warehouse Server connected with Protocol Reason 80 Outbound to Aternity Management Server HTTP Configures the system and preserves collected data 51098 Outbound to Aternity Management Server TCP Configures the system and preserves collected data 58093 Outbound to Aternity Management Server TCP Configures the system and preserves collected data 1521 Outbound to Aternity Database Server TCP Transfers data to display in the dashboards Open Ports on the Aternity Analytics Server The Analytics Server (or RCA server), calculates an activity's performance baselines, its score and status, and detects the occurrence of incidents. It is on the same computer as the Management Server. Port Number Direction Analytics Server connected with Protocol Reason 80 Inbound from Aternity Management Server HTTP Configures the system, calculates the performance status, calculates scores, and generates incidents 51098 Inbound from Aternity Management Server TCP Configures the system, calculates the performance status, calculates scores, and generates incidents 60097 Inbound from Aternity Management Server TCP Configures the system, calculates the performance status, calculates scores, and generates incidents Parent topic Choose the Network Topology Layout for Aternity on-premise 9.0.2 / 9.0.3
Open Ports Between Aternity on-premise 9.0.2 / 9.0.3 Components The Aternity solution requires several ports open between components to allow access to the system, to communicate between the system components, and for monitored devices to send performance data. Typically you need this information when configuring firewalls, if any two components are on opposite sides of a firewall. Typical placement of firewalls for Aternity on-premise You can deploy all Aternity on-premise components on a single PC as a small demo if needed, or you can spread different components on separate computers. The number of servers and their layout (network topology) depends on the size of your deployment. To decide on the placement of firewalls and other security considerations, see Choose the Network Topology Layout for Aternity on-premise 9.0.2 / 9.0.3. Open ports and direction of the connections between Aternity on-premise components For more information on the functionality of each component, see Install Aternity on-premise 9.0.2 / 9.0.3. Open Ports on the Aternity Management Server The Aternity Management Server acts as the system's central server, which manages and integrates all the system components. Users access this server via a browser to configure the system and view the dashboards. Port Number Direction Management Server connected with Protocol Purpose 25 (optional) Outbound to Email Server TCP Sends incident alerts via SMTP 389 (optional) Outbound to LDAP Server TCP Authenticates users and accesses user attributes from the LDAP server (for example, the user's department) 162 (outbound only, optional) Outbound to SNMP Server UDP Sends incident alerts via SNMP 80 Inbound from Aternity user HTTP Aternity user access to the system 443 Inbound from Aternity user HTTPS Aternity user access to the system 58093 (optional) Inbound from Aternity user TCP Very rare, advanced configuration 80 Inbound from Aternity Aggregation Server HTTP Sends performance data from devices, plus configures the Agent 51098 Inbound from Aternity Aggregation Server TCP Sends performance data from devices, plus configures the Agent 60097 Inbound from Aternity Aggregation Server TCP Sends performance data from devices, plus configures the Agent 1521 Outbound to Aternity Database Server TCP Configures the system and accesses the data collected by Aternity 8088 Outbound to Aternity Dashboard Server TCP Configures the system, generates the dashboards and refreshes data 80 Inbound from Aternity Data Warehouse Server HTTP Configures the system and preserves collected data 51098 Inbound from Aternity Data Warehouse Server TCP Configures the system and preserves collected data 58093 Inbound from Aternity Data Warehouse Server TCP Configures the system and preserves collected data 80 Outbound to Aternity Analytics Server HTTP Configures the system, calculates the performance status, calculates scores, and generates incidents. Also preserves collected data 51098 Outbound to Aternity Analytics Server TCP Configures the system, calculates the performance status, calculates scores, and generates incidents. Also preserves collected data 60097 Outbound to Aternity Analytics Server TCP Configures the system, calculates the performance status, calculates scores, and generates incidents. Also preserves collected data Open Ports on the Aternity Aggregation Server or third party load balancer An Aggregation Server gathers (aggregates) the data directly from Aternity Agents on monitored devices, and passes it on to the Management Server. Important If you deploy more than one dedicated Aternity Aggregation Server, you must deploy a third party load balancer (LB). Then configure the Aternity Agent of all devices to point to the LB's virtual IP address. Configure the LB with persistent (sticky) sessions to ensure the Agent maintains its connection with the same server. There must always be a single address serving all these Aggregation Servers. Port Number Direction Aggregation Server connected with Protocol Purpose 80 Inbound from Monitored devices with the Aternity Agent HTTP Sends performance data from devices, plus configures the Agent 443 Inbound from Monitored devices with the Aternity Agent HTTPS Sends performance data from devices, plus configures the Agent 80 Outbound to Aternity Management Server HTTP Sends performance data from devices, plus configures the Agent and the system 51098 Outbound to Aternity Management Server TCP Sends performance data from devices, plus configures the Agent and the system 60097 Outbound to Aternity Management Server TCP Sends performance data from devices, plus configures the Agent and the system Open Ports on the Aternity Dashboard Server and Dashboard Worker Servers The Dashboard Server displays Aternity's intuitive dashboards using Tableau as its engine. It presents the raw data (from the Data Warehouse Server) and the older aggregated data (from the Database Server). Larger on-premise deployments require one or more additional Aternity Dashboard Worker Servers to display dashboards more efficiently. The Aternity Dashboard Worker Server accepts much of the intensive processing required to create dashboards, enabling larger Aternity on-premise deployments to display dashboards more efficiently. Important Larger deployments which have one or more Dashboard Worker Servers helping the Dashboard Server should always allow all ports required to be open between the computers. Tableau's documentation states that they use numerous ports between them, and may use additional dynamically allocated ports. For more information, see Tableau's ports documentation. We recommend that all the following ports are open for both the Dashboard Server and Dashboard Worker Servers. Port Number Direction Dashboard Server connected with Protocol Purpose 80 Inbound from Aternity user access to the system HTTP View the Aternity dashboards 443 Inbound from Aternity user access to the system HTTPS View the Aternity dashboards 8088 Inbound from Aternity Management Server TCP Configures the system and generates the dashboards 1521 Outbound to Aternity Database Server TCP Transfers the data to display in dashboards Open Ports on the Aternity Database Server The Aternity Database Server is an Oracle database which houses the Aternity system settings and the performance data from the past 1-2 years, aggregated by the Data Warehouse Server. Port Number Direction Database Server connected with Protocol Purpose 1158 (optional) Inbound from Database administrator HTTP Database control 1521 Inbound from Aternity Management Server TCP Configures the system and accesses the data collected by Aternity 1521 Inbound from Aternity Data Warehouse Server TCP Retrieves the processed data to display in the dashboards 1521 Inbound from Aternity Dashboard Server and Dashboard Worker Server TCP Transfers data to display in the dashboards Open Ports on the Aternity Data Warehouse Server The Data Warehouse Server stores the raw data gathered from the Aggregation Servers, and aggregates (summarizes) it for the Database Server. Port Number Direction Data Warehouse Server connected with Protocol Reason 80 Outbound to Aternity Management Server HTTP Configures the system and preserves collected data 51098 Outbound to Aternity Management Server TCP Configures the system and preserves collected data 58093 Outbound to Aternity Management Server TCP Configures the system and preserves collected data 1521 Outbound to Aternity Database Server TCP Transfers data to display in the dashboards Open Ports on the Aternity Analytics Server The Analytics Server (or RCA server), calculates an activity's performance baselines, its score and status, and detects the occurrence of incidents. It is on the same computer as the Management Server. Port Number Direction Analytics Server connected with Protocol Reason 80 Inbound from Aternity Management Server HTTP Configures the system, calculates the performance status, calculates scores, and generates incidents 51098 Inbound from Aternity Management Server TCP Configures the system, calculates the performance status, calculates scores, and generates incidents 60097 Inbound from Aternity Management Server TCP Configures the system, calculates the performance status, calculates scores, and generates incidents Parent topic Choose the Network Topology Layout for Aternity on-premise 9.0.2 / 9.0.3