SCSM Prerequisites Part 1 – Firewall Ports

In this series of posts I’ll be identifying all the prerequisites necessary to deploy and configure the Service Manager environment.  Part one identifies the required firewall ports.

There are two types of Management Server. One is known simply as a Management Server and the other is known as the Data Warehouse Management Server. Management Servers manage data in the live or operational database (ServiceManager), and Data Warehouse Management Servers manage data held in the historical reporting databases (DWDataMart, DWRepository, DWStagingAndConfig, Analysis, OMDW Data Mart, and CMDW Data Mart). For the purpose of this blog post I have referred to Management Servers as Operational Management Servers and the Management Server database as the Operational DB.

Operational Management Server
| Purpose | From | To | Protocol | Port |
|---|---|---|---|---|
| Management server database access | All Operational Management Servers | All SQL servers that host the Operational DB, including cluster names and AlwaysOn listeners as necessary | TCP | 1433 |
| Management server console access | Operational Management Servers; Clients with the console installed; Cireson Tier Watcher client application | Management Servers designated as console servers in your design | TCP | 5724 |

Data Warehouse
| Purpose | From | To | Protocol | Port |
|---|---|---|---|---|
| Data Warehouse database access | All Operational Management Servers; All Data Warehouse Management Servers | All SQL servers that host the Data Warehouse DB, including cluster names and AlwaysOn listeners as necessary | TCP | 1433 |
| Data Warehouse Analysis Services access | All Operational Management Servers; All Data Warehouse Management Servers | All SQL servers that host the Data Warehouse Analysis Services, including cluster names and AlwaysOn listeners as necessary | TCP | 2383 |
| Data Warehouse Reporting Services | All Operational Management Servers; All Data Warehouse Management Servers; Web browser | SQL Reporting Services server | TCP | 80 or 443 |

Web Portals
| Purpose | From | To | Protocol | Port |
|---|---|---|---|---|
| Microsoft SCSM Self Service Portal database access | Self service portal server | All SQL servers that host the Operational DB, including cluster names and AlwaysOn listeners as necessary | TCP | 1433 |
| Microsoft SCSM Self Service Portal client access | Web browser | Self service portal servers, including load balancers | TCP | 80, and/or 443 |
| Cireson portal installer | Point of download from Cireson website | Internet | TCP | 443 |
| Cireson console licensing application | All Operational Management Servers | Internet | TCP | 443 |
| Cireson portal Cachebuilder database access | All servers where the Cachebuilder is installed | All SQL servers that host the Operational DB, including cluster names and AlwaysOn listeners as necessary | TCP | 1433 |
| Cireson portal access | Web browser | Self service portal servers, including load balancers | TCP | 80, and/or 443 |

N.B. The Cireson portal installer and the Cireson console licensing application can be operated in an offline mode for servers in an environment that has restricted internet access. The portal installer just needs to be executed on a computer that does have internet access so that the installer files are downloaded; they can then be copied to the portal server(s). The console licensing app will need the license keys to be manually entered by an administrator that has internet access on another server or their PC.
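Once the firewall rules are in place, the outbound flows in the tables above can be checked from each server. The script below is an added example, not part of the original post: it runs on a management or portal server and attempts a TCP connection to each destination listed for that role. All host names are placeholders, and 443 is assumed for Reporting Services where the table allows 80 or 443.

```powershell
# Added example: verify outbound TCP flows from the tables for the local server's role.
param(
    [Parameter(Mandatory)]
    [ValidateSet('OperationalMS', 'DataWarehouseMS', 'Portal')]
    [string]$Role
)

# Placeholder targets (assumptions): use your SQL servers, cluster names or listeners.
$OperationalSql = 'scsm-sql.example.local'
$DwSql          = 'scsm-dwsql.example.local'
$DwSsas         = 'scsm-dwssas.example.local'
$Ssrs           = 'scsm-ssrs.example.local'
$ConsoleMS      = 'scsm-ms01.example.local'
$SsrsPort       = 443   # table says 80 or 443; 443 assumed here

# Flow matrix from the tables: role -> destinations it must reach.
$dwFlows = @(
    @{ Purpose = 'Data Warehouse DB';      Target = $DwSql;  Port = 1433 }
    @{ Purpose = 'DW Analysis Services';   Target = $DwSsas; Port = 2383 }
    @{ Purpose = 'DW Reporting Services';  Target = $Ssrs;   Port = $SsrsPort }
)
$Flows = @{
    OperationalMS   = @(
        @{ Purpose = 'Operational DB';     Target = $OperationalSql; Port = 1433 }
        @{ Purpose = 'Console access';     Target = $ConsoleMS;      Port = 5724 }
    ) + $dwFlows
    DataWarehouseMS = $dwFlows
    Portal          = @(
        @{ Purpose = 'Operational DB';     Target = $OperationalSql; Port = 1433 }
    )
}

# Attempt each TCP connection and record the outcome.
$results = foreach ($flow in $Flows[$Role]) {
    $probe = Test-NetConnection -ComputerName $flow.Target -Port $flow.Port `
        -WarningAction SilentlyContinue
    [pscustomobject]@{
        Purpose = $flow.Purpose
        Target  = $flow.Target
        Port    = $flow.Port
        Open    = $probe.TcpTestSucceeded
    }
}

$results | Format-Table -AutoSize
# Non-zero exit code if any required flow is blocked, for use in deployment checks.
if ($results.Open -contains $false) { exit 1 }
```

A successful connect only shows the path is open from this host; firewall rules should still be scoped to the source servers listed in the From column rather than to any source.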
