FNMS Data Flow: Part 2: Considerations

mcavanagh
Flexera
Flexera
2 1 357

This is a follow on to Part 1: FNMS-Data-Flow-Introduction 

So this part will cover some of the considerations i have been asked when setting up FNMS. I know there are more considerations, and i will add to them in due time. 

Two Way Communication 

Port Numbers 

Setup Types 

Setting up a Child Beacon: 

Setting up a DMZ: 

 

Two Way Communication

Since all components communicate to each other, there needs to be two-way communication between each component. Especially Agent to Beacon, and Beacon to inventory/batch server. This means that you will need to configure your firewall to all incoming and outgoing communication between components over which ever port you choose.

Port Numbers

This is a consideration you will have to undertake, whether you use the regular ports of 80 and 443 or whether you use noncommon ports is up to you. As stated above you will need to make sure that whatever port you choose needs to be opened both directions.

For additional Port numbers used check the online help here:

https://docs.flexera.com/fnms2019r1/EN/WebHelp/index.html#topics/FIB-PortsAndURLs.html

Setup Types

There are multiple different layouts when configuring an FNMS environment. A few of these would look like the following:

Single Server Setup: Inventory, batch, and application installed on single device

Single Server.PNG

 

This is the most common setup, as it requires less servers to be configured, and is the easiest to configure. Since all the components are installed on a single server. This however request the most amount of processing power and resources on a single machine. You could change this setup to have the database on a separate server than on the server with the FNMS components on. That way would be more optimal and not that hard to configure.

 

2 Server Setup:  batch, inventory installed on 1 and application server installed on another

2 server.PNG

 

This setup sees that the batch and inventory are sitting on the same server, and the application is on its own. This configuration is the second easiest way to setup FNMS, and probably the most optimal in that it requires less servers to be setup than the 3 server setup and is less complicated to setup. 

3 Server Setup: components installed on separate servers

3 server setup.PNG

 

As you can see from the image above, each component sits on its own server. This setup carries the best performance but can be a little tricky to setup. If not configured correctly during installation.  

Multi-level beacon setup

multi.PNG

 

This setup is where you have multiple beacons in a parent – child setup. This is for customers that have complex environments, that need different beacons in different regions around the world. It can also be used as sort of a load balancing or in some instances a DMZ setup.

Setting up a Child Beacon:

Setting up a child beacon is similar to setting up a normal beacon, however when configuring the beacon from within the FNMS UI, you would select the beacon that it would report to as the parent beacon.  See https://community.flexera.com/t5/FlexNet-Manager-Knowledge-Base/Beacon-Configuration-Child-to-Parent... for more details

Setting up a DMZ:

Although we cannot tell you what you need to secure your DMZ, we can advise on how to set up FNMS. There are a few approaches you can take, two of them are similar in the steps you take to configure the beacon. However, depending on what you have setup within your estate will alter which approach to take.

Reverse Proxy

This approach would be to setup a proxy in which your users laptops would access that would forward to your beacon

https://community.flexera.com/t5/FlexNet-Manager-Knowledge-Base/How-to-enable-Beacon-Reverse-Proxy-S...

 

Beacon Network Name (Alias)

This would be to setup your beacon to have an alias which would have an outside name that would be handled by our DNS

https://community.flexera.com/t5/FlexNet-Manager-Knowledge-Base/How-to-configure-the-beacon-to-use-a...

 

Dummy Beacon Records

This would be to create records within the beacon table, however this would not be practical as this would show the beacons within the UI, that would show as never connected.

 

1 Comment
fstewart2
Occasional contributor

Great series!  Look forward to the rest as well.  One suggestion:  add locations for logs for each of the elements/steps in the processes.  Would help with understanding the "happy path" as well as troubleshooting when things fail.