Currently we have SDM 17.1.02 windows 2012, with Conventional Configuration.
SDM APPs servers are in same firewall zone while Analysts are outside of the firewall.
To add and test xFlow with Insight, what ports needs to open in firewall for analyst to be able to access all xflow and insight features [exclude ports accessed by apps/search/collaborration/jasper servers ...]
Per Supported Port list following looks relevant but not sure if all ports need to open
Incident Service Port looks to be a typo, it should be 9004.
Users will only access the UI through 9002, the other ports are required for the microservice components to communicate with each other.
Yes I agree.
As 9002 is used for end users to access the xFlow app, you certainly don't want firewall block it.
A simple fiddler trace will show, that not only 9002 is in use by the xFlow UI.
I assume the following:
from a UI perspective you need to open
9002 : base UI
9006 : microservice for elastic search wrapping
9008 : websocket for notifications
9014 : collaboration
9016 : insights
8080 : for access to standard web UI, beside all other standard UI ports
Please check and confirm
Here is my observation, once connected from a client PC to xflow Interface and switching to service point [search key word] then switch to Insights;
Running netstat showed
Client PC is connected to xflow server at 9002,9006,9008,9014,9016
I have separate search server but did not see any direct connection from client.
Thank you !!, that fits to my expectations.
For search services port 9006 is used as an external accessible microservice. Internally (app server to es server), I assume the normal elastic search server port gets used, but this is hided to the outside.
Thanks you all. Planning to use custom port 8080 instead of 9002.