Standard Gateway System Prerequisites
Ensure that you have the following information before you begin installing the gateway:
•The name of the gateway (this is usually populated automatically).
•The name of the domain on which the gateway will install clients.
•Any associated subnets.
•The local path of the Neurons for ITSM agent deployment share.
• The account name and password on the computers to which the gateway deploys. The account must have administrative privileges on the client computers.
•The client access key. The Neurons for ITSM gateway installer package contains a unique client access key used to authenticate incoming data from the customer. (This is provided automatically during the installation.)
The following operating systems can be used to install Neurons for ITSM standard gateways:
•Windows 7 and later operating systems.
•Domain administrator rights or local administrator rights for each machine that will be audited.
•For on-premise installations, turn off or disable user access control.
•Open ports to facilitate network access.
Before performing the inventory management activities, open the appropriate network ports for the gateway to communicate effectively with the domain controller. In your firewall settings for the service, enter the appropriate port and select the protocol option (see the following table).
To properly deploy multiple processes with heavy CPU usage (such as Discovery imports or daily user synchronization), and to balance resource utilization, we recommend a separate dedicated machine for the gateway.
The following port and protocol requirements are used for set up, discovery, and audit activities in Discovery:
|
Application |
Process |
Activity |
Port |
Protocol |
Endpoint |
|
Gateway and client installation |
setup.exe |
Installation |
80 |
http |
SaaS web server |
|
SaaS IM Gateway |
Active directory scan |
Discovery |
389 |
LDAP |
Active directory server in the local domain |
|
SaaS IM Client |
LanProbe |
Discovery |
161 |
SNMP |
Devices on the network |
|
SaaS IM Client |
Audit message transport |
Audit |
443 |
SOAP messages over https |
SaaS IM service |
| MDI Server | Bind SSL certificate | Discovery | HTTPS | ||
|
SaaS IM Gateway |
WMI Scan |
Audit |
135 |
RPC |
Selected computer |
|
SaaS IM Client |
Proxy |
Audit |
8097 |
http |
Proxy |
| Gateway Installation | IP address with the URL of the gateway | Discovery | 8097 | Proxy | |
| MDI Server | iOS inbound communications | Discovery | 8734 | ||
| Telnet | Checks net.tcp configuration | Check IP address or domain | 7100 | IP address or domain | |
|
Gateway |
Communicate | Discovery | 53 | UDP (for DNS) or TCP | Domain Controller |
| MDI Server | Communicate | Discovery | 1433 | Ivanti HEAT Discovery app server |