Communication Protocols Overview

is a multi-tier application that you can deploy on any number of servers. Most deployments use the standard 3-tier model, which often includes firewalls between the physical servers for various purposes. Configure the firewalls to allow communication between the components.
bsi835
CA Business Service Insights
is a multi-tier application that you can deploy on any number of servers. Most deployments use the standard 3-tier model, which often includes firewalls between the physical servers for various purposes. Configure the firewalls to allow communication between the components.
Security Infrastructure
Security Infrastructure
Process/Components
The following table shows the processes and components that communicate between zones:
Zone
Process/Component
Notes
Web
IIS Web Server
Serves web content to the client browsers, and retrieves data from the Database.
COM+ components
Performs actions on DB, retrieves data, and sends SMTP messages.
API
Handles incoming web services requests
Authentication Service (SSO/LDAP)
Handles external authentication requests.
Application
Adapters Listener Service
Handles incoming Adapter connections from Adapter instances.
Adapter Deployment Service
Deploys and controls the locally deployed managed adapters
Log Server
Logs all incoming messages from BSI COM+ components and Application Services, such as TaskHost and Alerts.
Dashboard Service
Updates the status and results of the dashboard components.
PSL Engine
Calculates all service level results and provides information for other dependant application services, such as Dashboard, Alerts.
Report Scheduler Service Alerts Service (SMTP)
Sends SMTP messages from the Application server.
Adapter Instances
Connects to the data sources and handles the collection of raw data with the Adapter Listener Service.
Database
Oracle Database
Stores and manages all application data.
Database Listener
Handles incoming connections to the database.
External
Adapter Instances
Connects to the data sources and handles the collection of raw data with the Adapter Listener Service.
Adapter Deployment Service
Deploys and controls the remotely deployed managed Adapters. Runs on the same servers as each remotely deployed Adapter.
Ports and Protocols
The following tables lists the ports and protocols for
CA Business Service Insights
processes and components:
PROCESS (SOURCE)
FW#
DESTINATION
PROTOCOL
DEFAULT PORT(S)
DIRECTION
CHANGEABLE?
Web Zone Originating
IIS Web Server
#2
Log Server
(Application Server)
TCP
4040
Outgoing
Y
IIS Web Server
#2
Adapter Deployment Service (Application Server)
TCP
1008
Both
Y
IIS Web Server
#2
Dashboard Service
(Application Server)
.Net Remoting
8004
Both
Y
IIS Web Server
#5
Authentication Service/Server (External)
SOAP/HTTP
4515
Both
Y
IIS Web Server Email
#5
SMTP Server (External)
SMTP
25
Outgoing
N
COM+ components
#4
Database Server
TCP (SQL *Net)
1521
Both
Y
Application Zone Originating
Report Scheduler &
Alerts Services
#5
SMTP Server (External)
SMTP
25
Outgoing
N
All Guarantee Services
(such as Alert, Dashboard)
#3
Database Server
TCP (SQL *Net)
1521
Both
Y
Adapters (locally hosted)
#5
External Data Sources
TCP /File
App Defined**
Both
Y
Adapters (remotely hosted)
#5
External Data Sources
TCP
User Defined**
Both
Y
Adapter Listener
#5
Remote Adapter Instance
TCP
User Defined**
Both
Y
Adapter Deployment
TCP
User Defined*
Both
Y
External Zone Originating
Client PC (External)
#1
IIS (Web Server)
HTTP
(or HTTPS)
80 (443)
Both
Y
Adapter Instance (remotely hosted)
#5
Adapter Listener (Application Server)
TCP
User Defined**
Both
Y
External Calling
Application/Machine
#5
API Service
(Web Server)
SOAP/HTTP
80
Both
Y
Other
MSMQ (Microsoft Messaging Queuing)
Adapter Listener
DashboardEngine
TCP
1801
Log Server
TaskHost
RDP
135, 2101/2112, 2103/2114, 2105/2116
Alerts
MSI Installer
PSLWriter
UDP
3527, 1801
Tomcat
8007 standard port
SOI/SSA
(Web Server with Tomcat)
SOI Server
TCP
7090
Oblisync
CA Business Service Insights
Installation
TCP
8180
* Configure the Adapter Deployment service port in the %OG_HOME%\bin\AdapterDeployment.exe.config file.
** Adapters must connect to external applications based on the requirements of the related data source, SQL or file-based access.
++ Adapters communicate according to ports defined in
CA Business Service Insights
. By default, the Adapter wizard automatically assigns ports starting upward from 6201. Configure the communication to initial from either the Adapter Instance or the Adapter Listener (Adapter->Listener, or Listener->Adapter). The ports may be important for Firewall configurations that use the Port Triggering feature.
The following table shows optional ports and communications that provide access for development and support, and enable the transfer of source data files:
PROCESS (SOURCE)
FW#
DESTINATION
PROTOCOL
DEFAULT PORT(S)
DIRECTION
CHANGEABLE?
External Zone Originating
Client PC (External) -
Remote Desktop
#1
Web Server and
Application Server
RDP
3389
Both
Y
Client PC (External) - File System / Sharing++
#1
Web Server and
Application Server
Netbios/Samba over IP
137, 138, 139, 445
Both
Y
Client PC (External) - FTP / SFTP**
#1
Web Server and
Application Server
FTP/SFTP
21/22
Both
Y
** FTP and SFTP require the installation of separate application software that
CA Business Service Insights
does not include. SFTP commonly runs over SSH on port 22.
++ These ports enable file system access to the machines. Expose these ports only trusted areas, as they open potential security holes.