3 of 3 people found this helpful
The answer to your last two questions is yes and yes.
Below are the steps on how the App Visibility Proxy communicates to the App Visibility Portal and App Visibility Collector(s):
Step 1) When installing the App Visibility Proxy, it will ask for the App Visibility Portal information (e.g. hostname and port number like 8100)
Step 2) After the App Visibility Proxy is installed and connects to the App Visibility Portal on port 8100 (or the designated Portal's port number), the App Visibility Portal will assign an App Visibility Collector to the App Visibility Proxy.
Note: If you have more than one App Visibility Collector in the environment then the App Visibility Portal will automatically assign an available App Visibility Collector to the App Visibility Proxy. There is not an option to configure the App Visibility Proxy to communicate with a particular App Visibility Collector.
Step 3) Now the App Visibility Proxy will send its data to the assigned App Visibility Collector on port 8200 (or the designated Collector’s port number).
Note: If that assigned App Visibility Collector is unavailable then the App Visibility Portal will reassign another App Visibility Collector to the App Visibility Proxy.
Many thanks Winsor. Now it’s clearer.
Continuing to understand ports and Communications... what about PROXY’s port 8300?
Do we need to open Communications from PORTAL/COLLECTORS to 8300?
In the documentation I saw that it’s ‘optional’ between PORTAL and PROXY… so… what’s the function of 8300? Is just used for internal communications?
Maybe a complete use case flow can help to understand better.
Port 8300 is used for communication to an App Visibility proxy from an App Visibility portal.
Below are two links to documentations explaining the network ports used by the App Visibility components:
I'm aware about documentation says, but in this case the question is .... is 8300 port Mandatory between PORTAL / PROXY? If you take a look on NETWORK COMMUNICATIONS pictures, there is a 'optional | administrative connection'.
In many cases the PROXY are located on DMZ zones and we have to be extremly accurated with the firewalls rules.
An example of 'flow' (for example, what's the flow when a beacon is received troguht 8305 port?) will help to understand the communications.