Clarity Service Management

Expand all | Collapse all

Firewall Ports  for  xFlow/Insight Analyst

Jump to Best Answer
  • 1.  Firewall Ports  for  xFlow/Insight Analyst

    Posted 03-11-2019 06:55 PM

    Currently we have SDM 17.1.02 windows 2012, with Conventional Configuration.

    SDM APPs servers are in same firewall zone while Analysts are outside of the firewall.

     

    To add and test xFlow with Insight,  what  ports needs to open in firewall for analyst to be able to  access  all xflow and insight features [exclude ports accessed by apps/search/collaborration/jasper servers ...]

    Per Supported Port   list  following looks relevant but not sure if  all ports need to open

     

    xFlow Interface

    • Web Server Port: 9002
    • Incident Service Port: 9002 [ same as web server port??]
    • Search Service Port: 9006
    • Notification Search Service Port (requires Web Sockets Protocol): 9008
    Insights Services Port
    • 9016
    Search Server
    • HTTP Port: 9012
    • TCP Port: 9300
    Collaboration Server
    • Service Port: 9014
    • Server Port: 5222
    • Cluster: 54327

     

    SKH



  • 2.  Re: Firewall Ports  for  xFlow/Insight Analyst

    Posted 03-19-2019 10:36 AM

    Hi Santosh,

     

    Incident Service Port looks to be a typo, it should be 9004.

     

    Users will only access the UI through 9002, the other ports are required for the microservice components to communicate with each other.

     

    Thanks,
    Scott



  • 3.  Re: Firewall Ports  for  xFlow/Insight Analyst

    Posted 03-19-2019 12:13 PM

    Yes I agree.

    As 9002 is used for end users to access the xFlow app, you certainly don't want firewall block it.



  • 4.  Re: Firewall Ports  for  xFlow/Insight Analyst
    Best Answer

    Posted 03-19-2019 01:00 PM

    A simple fiddler trace will show, that not only 9002 is in use by the xFlow UI.

    I assume the following:

    from a UI perspective you need to open

    9002 : base UI

    9006 : microservice for elastic search wrapping

    9008 : websocket for notifications

    9014 : collaboration

    9016 : insights

    8080 : for access to standard web UI, beside all other standard UI ports

     

    Please check and confirm

    Thanks

    ...........Michael



  • 5.  Re: Firewall Ports  for  xFlow/Insight Analyst

    Posted 05-16-2019 02:18 PM

    MIke

    Here  is  my observation, once connected from a client PC to xflow Interface and switching to service point [search key word] then switch to  Insights;

    Running netstat showed

    Client PC is connected to xflow server at 9002,9006,9008,9014,9016

    I have  separate search server but did not see any direct connection from client.

     

    Thanks



  • 6.  Re: Firewall Ports  for  xFlow/Insight Analyst

    Posted 05-19-2019 11:46 AM

    Thank you !!, that fits to my expectations.

    For search services port 9006 is used as an external accessible microservice. Internally (app server to es server), I assume the normal elastic search server port gets used, but this is hided to the outside.



  • 7.  Re: Firewall Ports  for  xFlow/Insight Analyst

    Posted 04-01-2019 02:51 PM

    Thanks you all. Planning to use custom port 8080 instead of 9002.