Internal communications and firewall ports: Difference between revisions

From wiki.comcert.com
Jump to navigation Jump to search
VisualWikitext
No edit summary
No edit summary
 
(25 intermediate revisions by the same user not shown)
Line 2: Line 2:
== Introduction ==
== Introduction ==


Whithin a distributed nG1 environment the following internal communication has to be taken in account. Individual access to Service Enablers like NTP and DNS is mandatory. Please note that if external authentication like LDAP or RADIUS is used, it is configured at NGGM, NGFF and NGLS.
These intra-nGeniusONE system communications must be allowed by every firewall and ACL in the path between the nGeniusONE servers and its data sources (Flow Collector, InfiniStream, vStream, vStream Agent, ...).  All servers require stable communication with DNS and NTP.  If you choose to use external user authentication (AD, LDAP, RADUIS, TACACS, ...), access to these authentication servers is required only for nGenius Server or nGenius Global Manager, nGenius For Flows and nGenius Local Server.
 
Access to all servers is typically done using SSH on Linux (tcp/22) and RDP on Windows (tcp/3389).  InfiniStream and Flow Collector are always Linux-based OS.
 
 


== Solution ==
== Solution ==


=== Legend: ===
=== Standalone nGeniusONE Server (just one nGenius server) ===
 
<span style="color:#0000FF;">* vSTREAM Agent packet streaming option</span>


{| border="1" cellpadding="1" cellspacing="1" style="width: 238px;"
[[File:NG1Standalone.png|border|center|NG1Standalone.png]]
|-
| style="width: 52px;" | NGGM
| style="width: 173px;" | nGenius Global Manager
|-
| style="width: 52px;" | NGFF
| style="width: 173px;" | nGenius for Flows
|-
| style="width: 52px;" | NGLS
| style="width: 173px;" | nGenius Local Server
|-
| style="width: 52px;" | FC
| style="width: 173px;" | Flow Collector
|-
| style="width: 52px;" | IS
| style="width: 173px;" | InfiniStream
|}


&nbsp;
&nbsp;


[[File:nGOInternalCommunication.jpg|border|center|nGOInternalCommunication.jpg]]
=== Distibuted nGeniusONE Server&nbsp;(at least two&nbsp;nGenius servers) ===
 
<span style="color:#0000FF;">* vSTREAM Agent packet streaming option&nbsp;</span>
 
[[File:NG1Distributed.png|border|center|NG1Distributed.png]]

Latest revision as of 13:16, 15 April 2022

Introduction

These intra-nGeniusONE system communications must be allowed by every firewall and ACL in the path between the nGeniusONE servers and its data sources (Flow Collector, InfiniStream, vStream, vStream Agent, ...).  All servers require stable communication with DNS and NTP.  If you choose to use external user authentication (AD, LDAP, RADUIS, TACACS, ...), access to these authentication servers is required only for nGenius Server or nGenius Global Manager, nGenius For Flows and nGenius Local Server.

Access to all servers is typically done using SSH on Linux (tcp/22) and RDP on Windows (tcp/3389).  InfiniStream and Flow Collector are always Linux-based OS.

 

Solution

Standalone nGeniusONE Server (just one nGenius server)

* vSTREAM Agent packet streaming option

NG1Standalone.png
NG1Standalone.png

 

Distibuted nGeniusONE Server (at least two nGenius servers)

* vSTREAM Agent packet streaming option 

NG1Distributed.png
NG1Distributed.png
Retrieved from "https://wiki.comcert.com/index.php?title=Internal_communications_and_firewall_ports&oldid=7779"