Firewall Requirements

Windows Firewall

The Windows Firewall has different default configurations based on the version of Windows Server.

In most cases, the File Dynamics installation enables the following firewall settings. In the rare circumstances where it does not, you will have to establish these manually.

Engine

  • The Engine must be permitted to make outbound connections.
  • The Engine must be able to listen on port 3009. This is the default port choice presented during the installation and configuration.
  • The default firewall rule for the Engine allows access to the application on any port it listens on.

File System Agent

  • The Agent must be permitted to make outbound connections.
  • The Agent must be able to listen on port 3011. This is the default port choice that is presented during the installation and configuration.
  • The default firewall rule for the Agent allows access to the application on any port it listens on.

Phoenix Agent

  • The Phoenix Agent must be permitted to make outbound connections.
  • The Phoenix Agent must be able to listen on port 3013. This is the default port choice that is presented during the installation and configuration.
  • The Phoenix Agent makes use of the Windows http.sys HTTP listener, so firewall rules must specify a port and not an application.
  • If you use the Phoenix Agent Configuration utility, it will adjust the listening port and the associated firewall rule.

Event Monitor

  • The Event Monitor component must be permitted to make outbound connections.

Data Owner Web Service

  • The Data Owner web service must be permitted to make outbound connections.

  • The Data Owner web service must be able to listen on port 3079. The is the default port choice that is presented during the installation and configuration.

  • The default firewall rule for the Data Owner web service allows access to the application on any port it listens on.

Admin Client

  • The Admin desktop client must be permitted to make outbound connections.

Resource Servers

  • On each Windows server hosting user or collaborative storage with managed quota, you must enable the Remote File Server Resource Manager Management - FSRM Service (RPC-In) firewall rule.

Other Services

The following services may run on Windows or Linux, so firewall rules management may vary depending on the service host.

SQL Server Database

  • The associated SQL Server instance hosting the File Dynamics database must listen on TCP/IP.

  • Currently only IPv4 addresses are supported.

  • The listening TCP/IP port (default port 1433) must be enabled for access in the firewall where SQL Server is running.

  • The Admin Client, Engine, and Phoenix Agents must all have access to the IP address and TCP port where SQL Server is listening.

CouchDB

  • The host where CouchDB is installed must allow inbound access for TCP port 5984 which is the default port for CouchDB.

  • The Engine, Data Owner Client web service, Phoenix Agent, and Admin Client must all have access to to the IP address and TCP port where CouchDB is listening.