This is a follow on to Part 1: FNMS-Data-Flow-Introduction
So this part will cover some of the considerations i have been asked when setting up FNMS. I know there are more considerations, and i will add to them in due time.
Since all components communicate to each other, there needs to be two-way communication between each component. Especially Agent to Beacon, and Beacon to inventory/batch server. This means that you will need to configure your firewall to all incoming and outgoing communication between components over which ever port you choose.
This is a consideration you will have to undertake, whether you use the regular ports of 80 and 443 or whether you use noncommon ports is up to you. As stated above you will need to make sure that whatever port you choose needs to be opened both directions.
For additional Port numbers used check the online help here:
There are multiple different layouts when configuring an FNMS environment. A few of these would look like the following:
This is the most common setup, as it requires less servers to be configured, and is the easiest to configure. Since all the components are installed on a single server. This however request the most amount of processing power and resources on a single machine. You could change this setup to have the database on a separate server than on the server with the FNMS components on. That way would be more optimal and not that hard to configure.
2 Server Setup: batch, inventory installed on 1 and application server installed on another
This setup sees that the batch and inventory are sitting on the same server, and the application is on its own. This configuration is the second easiest way to setup FNMS, and probably the most optimal in that it requires less servers to be setup than the 3 server setup and is less complicated to setup.
As you can see from the image above, each component sits on its own server. This setup carries the best performance but can be a little tricky to setup. If not configured correctly during installation.
This setup is where you have multiple beacons in a parent – child setup. This is for customers that have complex environments, that need different beacons in different regions around the world. It can also be used as sort of a load balancing or in some instances a DMZ setup.
Setting up a child beacon is similar to setting up a normal beacon, however when configuring the beacon from within the FNMS UI, you would select the beacon that it would report to as the parent beacon. See https://community.flexera.com/t5/FlexNet-Manager-Knowledge-Base/Beacon-Configuration-Child-to-Parent... for more details
Although we cannot tell you what you need to secure your DMZ, we can advise on how to set up FNMS. There are a few approaches you can take, two of them are similar in the steps you take to configure the beacon. However, depending on what you have setup within your estate will alter which approach to take.
This approach would be to setup a proxy in which your users laptops would access that would forward to your beacon
This would be to setup your beacon to have an alias which would have an outside name that would be handled by our DNS
This would be to create records within the beacon table, however this would not be practical as this would show the beacons within the UI, that would show as never connected.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.