Skip to content
CA Business Service Insight - 8.3.5
Documentation powered by DocOps

Communication Protocols Overview

Last update July 13, 2015

CA Business Service Insight is a multi-tier application that you can deploy on any number of servers. Most deployments use the standard 3-tier model, which often includes firewalls between the physical servers for various purposes. Configure the firewalls to allow communication between the components.

Security Infrastructure

Process/Components

The following table shows the processes and components that communicate between zones:

Zone Process/Component Notes



Web
IIS Web Server Serves web content to the client browsers, and retrieves data from the Database.
   
COM+ components Performs actions on DB, retrieves data, and sends SMTP messages.
API Handles incoming web services requests
Authentication Service (SSO/LDAP) Handles external authentication requests.









Application
Adapters Listener Service Handles incoming Adapter connections from Adapter instances.
Adapter Deployment Service Deploys and controls the locally deployed managed adapters
Log Server Logs all incoming messages from BSI COM+ components and Application Services, such as TaskHost and Alerts.
Dashboard Service Updates the status and results of the dashboard components.
PSL Engine Calculates all service level results and provides information for other dependant application services, such as Dashboard, Alerts.
Report Scheduler Service Alerts Service (SMTP) Sends SMTP messages from the Application server.
Adapter Instances Connects to the data sources and handles the collection of raw data with the Adapter Listener Service.


Database
Oracle Database Stores and manages all application data.
Database Listener Handles incoming connections to the database.


External
Adapter Instances Connects to the data sources and handles the collection of raw data with the Adapter Listener Service.
Adapter Deployment Service Deploys and controls the remotely deployed managed Adapters. Runs on the same servers as each remotely deployed Adapter.

Ports and Protocols

The following tables lists the ports and protocols for CA Business Service Insight processes and components:

PROCESS (SOURCE) FW# DESTINATION PROTOCOL DEFAULT PORT(S) DIRECTION CHANGEABLE?
Web Zone Originating
IIS Web Server #2 Log Server
(Application Server)
TCP 4040 Outgoing Y
IIS Web Server #2 Adapter Deployment Service (Application Server) TCP 1008 Both Y
IIS Web Server #2 Dashboard Service
(Application Server)
.Net Remoting 8004 Both Y
IIS Web Server #5 Authentication Service/Server (External) SOAP/HTTP 4515 Both Y
IIS Web Server Email #5 SMTP Server (External) SMTP 25 Outgoing N
COM+ components #4 Database Server TCP (SQL *Net) 1521 Both Y
Application Zone Originating
Report Scheduler &
Alerts Services
#5 SMTP Server (External) SMTP 25 Outgoing N
All Guarantee Services
(such as Alert, Dashboard)
#3 Database Server TCP (SQL *Net) 1521 Both Y
Adapters (locally hosted) #5 External Data Sources TCP /File App Defined** Both Y
Adapters (remotely hosted) #5 External Data Sources TCP User Defined** Both Y
Adapter Listener #5 Remote Adapter Instance TCP User Defined** Both Y
Adapter Deployment     TCP User Defined* Both Y
External Zone Originating
Client PC (External) #1 IIS (Web Server) HTTP
(or HTTPS)
80 (443) Both Y
Adapter Instance (remotely hosted) #5 Adapter Listener (Application Server) TCP User Defined** Both Y
External Calling
Application/Machine
#5 API Service
(Web Server)
SOAP/HTTP 80 Both Y
Other



MSMQ (Microsoft Messaging Queuing) 
 

Adapter Listener

DashboardEngine

TCP 1801    
 

Log Server

TaskHost

RDP 135, 2101/2112, 2103/2114, 2105/2116    
 

Alerts

MSI Installer

PSLWriter

UDP 3527, 1801    
Tomcat       8007 standard port    
SOI/SSA
(Web Server with Tomcat)
  SOI Server TCP 7090    
Oblisync   CA Business Service Insight Installation TCP 8180    

* Configure the Adapter Deployment service port in the %OG_HOME%\bin\AdapterDeployment.exe.config file.

** Adapters must connect to external applications based on the requirements of the related data source, SQL or file-based access.

++ Adapters communicate according to ports defined in CA Business Service Insight. By default, the Adapter wizard automatically assigns ports starting upward from 6201. Configure the communication to initial from either the Adapter Instance or the Adapter Listener (Adapter->Listener, or Listener->Adapter). The ports may be important for Firewall configurations that use the Port Triggering feature.

The following table shows optional ports and communications that provide access for development and support, and enable the transfer of source data files:

PROCESS (SOURCE) FW# DESTINATION PROTOCOL DEFAULT PORT(S) DIRECTION CHANGEABLE?
External Zone Originating
Client PC (External) -
Remote Desktop
#1 Web Server and
Application Server
RDP 3389 Both Y
Client PC (External) - File System / Sharing++ #1 Web Server and
Application Server
Netbios/Samba over IP 137, 138, 139, 445 Both Y
Client PC (External) - FTP / SFTP** #1 Web Server and
Application Server
FTP/SFTP 21/22 Both Y

** FTP and SFTP require the installation of separate application software that CA Business Service Insight does not include. SFTP commonly runs over SSH on port 22.

++ These ports enable file system access to the machines. Expose these ports only trusted areas, as they open potential security holes.

Was this helpful?

Please log in to post comments.