Hello, I'm working on a new SolarWinds implementation with many of their products in scope. I have information, but it's a bit limited for port communication via pollers and servers. I've based my firewall changes on the SolarWinds Port Requirements, but I'm being asked for more specific reasoning.
Could someone please direct me to another doc/URL that has some info below or is there anyone that can answer for me?
I've inherited the project that they've been attempting for a few years, so any guidance is immensely appreciated.
Why do SolarWinds Polling Servers need to establish communication to End Hosts for Ports that are typically reserved for Server Services.
Yes, it'll be on the other side of the firewall, but only for certain servers, networks/VLANS (i.e. DMZ and PCI compliance). There are two data centers and both have pollers for each side, which will also function as HA/failover in the event of DR. To get us started, we want to monitor the essentials like ICMP, SNMP, and WinRM. I don't think we're looking at server agents currently for polling.
This is a HUGE "it depends" situation.
A) Start with getting things installed. You will have 3 important pieces. 1) Main polling engine, 2) Web server, and 3) SQL server.
It's possible that in a smaller setup you will be doing all 3 on the same server. If that is true, or if all of them are on the same network without a firewall between them, then put a big green check on this... it's good. If it's a larger setup, then we need to understand it more.
B) How about the people using Orion, can they get to the web server? If it's through a firewall, then it's http/80 and https/443 from the desktops to the orion web server. (assuming we are not getting proxies or load balancers involved)
C) Now what are you going to monitor and how? and specifically what things are you going to monitor that are on the other side of a firewall. There are a LOT of options here. This is the NPM forum, but will you also have SAM? You have choices like SNMP, WMI, or the Agent (and the agent can initiate the connection from the polling engine or the agent. This is important to your security team and firewall rules).
And that is just the tip of the proverbial iceberg.
No, this will be a larger deployment, so SQL and polling servers are separate. Once complete, do users connect to the Web interface of the polling server or is there another server that should be designated? Most likely they'll connect via HTTPS via CNAME. I'm not certain on proxies and load balancers yet. The SQL servers will be configured in failover clusters as we're using some for the pollers at two different sites and another SQL cluster strictly for DPA. We're going to use HA, IPAM, NTA, NCM, NPOM, NTM, SRM, and VMAN to name a few. SNMP, ICMP, and WMI/WinRM will be monitored.
SolarWinds solutions are rooted in our deep connection to our user base in the THWACK® online community. More than 150,000 members are here to solve problems, share technology and best practices, and directly contribute to our product development process. Learn more today by joining now.