Understanding Firewall Requirements for System Center Operations Manager 2007 R2
Specific Firewall Ports for OpsMgr Communications
By Rand Morimoto on Fri, 04/09/10 - 8:24pm.We're frequently asked what firewall ports need to be opened and what protocols are communicated between servers in a System Center Operations Manager envrionment. This gets a little more detailed than many people might care to know about, however it's amazing how often we have to dig this up and forward to people when designing or rolling out OpsMgr, so here you go...
OpsMgr servers that are deployed across a firewall have special considerations that must be taken into account. Port 5723, the default port for OpsMgr communications, must specifically be opened on a firewall to allow OpsMgr to communicate across it.
The following Table describes communication ports for this and other OpsMgr components. The first reference is FROM, the second reference is TO, and the third reference is PORT:
Agent Root Management Server 5723
Agent Management server 5723
Agent Gateway server 5723
Agent (ACS forwarder) Management server ACS collector 51909
Gateway server Root Management Server 5723
Gateway server Management server 5723
Management or Gateway server UNIX or Linux computer 1270
Management or Gateway server UNIX or Linux computer 22
Management server Operations Manager database 1433
Management server Root Management Server 5723, 5724
Management server Reporting data warehouse 1433
Management server ACS collector ACS database 1433
Operations Console Root Management Server 5724
Operations Console (reports) SQL Server Reporting Services 80
Reporting Server Root Management Server 5723, 5724
Reporting Server Reporting data warehouse 1433
Root Management Server Operations Manager database 1433
Root Management Server Reporting data warehouse 1433
Web console browser Web console server 51908
Web console server Root Management Server 5724
The firewall port for the agents is the port that needs to be opened most often, which is only port 5723 from the agent to the management servers for monitoring. Other ports, such as 51909 for ACS, are more rarely needed.
This posting is 1 of a monthlong series of postings on the Microsoft System Center family of products. This is an excerpt from my book "System Center Enterprise Unleashed" with more postings on the System Center family of products up at http://www.networkworld.com/community/morimoto
- About Secrets of Windows Back Office Servers
Rand Morimoto has been in the computer industry for more than 30 years and has authored, co-authored, or been a contributing writer for a couple dozen books on Microsoft Windows, Security, Exchange email, BizTalk Server, and remote and mobile computing. Rand is the president of Convergent Computing, an IT consulting firm that has been one of the key early adopter program partners with Microsoft, implementing beta versions of Microsoft technologies 2-3 years before the product releases to the public. This provides Rand and the consultants in his company extensive knowledge on the technologies long before the products are generally available.
Besides speaking at more than 50 conferences and conventions around the world in the past year on tips, tricks, and best practices on planning, migrating, and implementing technologies, Rand is also head judge for the worldwide Imagine Cup competition, is a Board member for the Chabot Space and Science Center and planetarium, and a Regent for the Board of Saint Mary's College of California.
Rand's book Exchange Server 2010 Unleashed was selected as the November, 2009, book of the month book giveaway. Read a free sample chapter of this book,, hosted exclusively by Microsoft Subnet. Buy the book now from InformIT.
Rand's book Windows Server 2008 R2 Unleashed was selected as the Microsoft Subnet January, 2010, book giveaway. Read an excerpt of Windows Server 2008 R2 Unleashed hosted by Microsoft Subnet
Rand's latest book, Microsoft System Center Enterprise Suite Unleashed has been selected as the April, 2010, Microsoft Subnet book giveaway. Read an excerpt of Microsoft System Center Enterprise Suite Unleashed.
Enter the monthly book giveaway contest. Entry form and details are on the Microsoft Subnet home page.
Most Discussed Posts
-
Network World, Inc
The Connected Enterprise