Firewall ports when DesktopCentral is managing clients in a DMZ...
An article exists on the DC Web site called: How to set up Desktop Central in a Demilitarized Zone?
The article explains:
Ports to be Opened in DMZ:
When Desktop Central Server is installed in the DMZ, the following ports should be opened in the firewall to allow the Desktop Central Agents to communicate with the Desktop Central Server.
8020: Used for agent-server communication and to access the Web console
8383: Used for secured communication between the agent and the Desktop Central server
8443: Used to control computers remotely (secure mode)
8444: Used to control computers remotely
8031: Used to transfer files (secure mode)
8032: Used to transfer files
8383: Used for secured communication between the agent and the Desktop Central server
8443: Used to control computers remotely (secure mode)
8444: Used to control computers remotely
8031: Used to transfer files (secure mode)
8032: Used to transfer files
However, one critical piece of information which is missing is the direction in which these ports should be opened. For improved security between a company's DMZ and LAN it is best practice to only open ports in the direction they are specifically needed. Can somebody from the DesktopCentral team please confirm which direction these ports need to be opened? i.e. Port 8443 to remote control computers securely. Presumably the connection on this port will only ever be made from the LAN out to the DC managed clients in the DMZ. Also, file transfers may be done in either direction, between the LAN and DC managed systems in the DMZ. Therefore the article should state:
Port Direction Description
8443 LAN ----> DMZ Used to control computers remotely (secure mode)
8031 LAN <--> DMZ 8031: Used to transfer files (secure mode)
Thank you,
Deejerydoo