Considering security and firewalls

Based on the security information you obtained earlier, you must plan design solutions so that the applications can function properly in the network’s security environment:
  • Configure security policies (rules) to enable a one-way connection from the FLEXnet license server and the Broker to the various applications.
    For communication between
    s across firewalls, plan on opening a hole in the firewall for the
    VMware Smart Assurance
    communications. Certain UDP and TCP ports must be opened for proper communications:
    • : Port 426
    • License Manager: Port 1744
    • : one port each, which can be configured
    • Adapters, including
      SNMP Trap Adapter
      and Syslog Adapter. The
      provides details.
  • Consider proxy servers when communicating with
    VMware Smart Assurance
    applications that reside behind firewalls. Using a proxy server reduces the number of firewall ports that need to be opened to one firewall port.
    “Configuring the Java clients to use a proxy server” on page 86
    provides additional information on the procedure to configure the Java clients to use a proxy server.
  • If access lists are used, plan on deploying the IP addresses of hosts that include
    s to the access list of devices that will be managed.
    VMware Smart Assurance
    applications must have full access to browse the MIBs of the devices. The
    lists the specific MIBs. Depending on the network size and complexity, this may require scheduling to obtain support from the organization’s network personnel.
  • You must have a listing of SNMP versions and related security parameter values that are used by specific devices in the organization’s network. Due to security concerns, it may not be appropriate to include them in the deployment build guide.