Hitachi

Job Management Partner 1 Version 10 Job Management Partner 1/IT Desktop Management Overview and System Design Guide

4.2.9 Network prerequisites

The following describes the prerequisites for a network environment in whichJP1/IT Desktop Management is installed.

Important note

Whether communication is possible across a NAT, WAN, or VPN depends on the environment. Therefore, verify that communication is possible beforehand.

Important note

In a NAT environment, you can install an agent to manage a computer, but cannot perform operations for the agent, such as message notification or acquisition of the latest device information, whenever you want. If you attempt such operations, they are performed when a polling from the agent occurs.

Entire network

The TCP protocol ports used by JP1/IT Desktop Management andJP1/IT Desktop Management - Agent must be set up to accept incoming traffic. For details about the port numbers, see A.3 Port number list.

Network connection environment

The following describes the network connection environment for each system component.

For the management server:

The server must be connected to a wired LAN network.

For the site server:

The server must be connected to a wired LAN network.

For a computer on which the network monitor is enabled:

The computer must be connected to a wired LAN or a wireless LAN network. Note, however, that if the communication environment has been degraded, it might not be possible to block devices connected to a wireless LAN from the network. Therefore, we recommend that you connect the computer to a wired LAN network.

For a computer on which an agent has been installed:

The computer must be connected to a wired LAN, wireless LAN, WAN, or VPN network. Note, however, that devices connected to a wireless LAN cannot be turned off by using the power-off function. For details about power control, see 2.6.3 Controlling devices.

For an agentless computer:

The computer must be connected to a wired LAN, wireless LAN, WAN, or VPN network.

Network between the management server and managed computers

ICMP communication from the managed computers to the management server is required for optimum operation.

If ICMP communication from the management server to the managed computers is not possible, any operation attempted from the management server for a managed computer (such as software installation, message notification, and acquisition of the latest device information) is performed when a polling from the agent occurs.

Tip

In a DHCP environment, even if an IP address is dynamically assigned to the computer, the same IP address will not be registered twice in JP1/IT Desktop Management.

Network between the management server and the site server

ICMP communication from the site server to the management server is required for optimum operation.

If ICMP communication from the management server to the site server is not possible, the following restrictions apply.

Network between the site server and managed computers

ICMP communication from the managed computers to the site server must be possible.

Network between the management server and the database server

ICMP communication must be possible between the management server and database server.

The management server and the database server must be placed in the same network segment.

Network between the management server and computers used for window operations

To use the operation windows of JP1/IT Desktop Management on a computer other than the management server, an environment that allows HTTP communication via a Web browser is required.

Network with the Windows Firewall set

The following describes the settings required for each system component.

For the management server or the site server:

WhenJP1/IT Desktop Management or a site server program is installed in an environment in which the Windows firewall is enabled, the program is automatically allowed to pass the Windows firewall (registered as a firewall exception).

However, if the program was installed in an environment in which the Windows firewall was disabled, the program is not allowed to pass the firewall even if the Windows Firewall is subsequently enabled. In this case, execute the addfwlist.bat command on the management server or site server to allow communication through the Windows Firewall. The executable file of the command is stored in the following folder.

JP1/IT Desktop Management - Manager or site server program installation folder\mgr\bin\

For a computer on which the controller is installed:

When the controller is installed, it is automatically registered as a firewall exception. So, it can pass through the Windows firewall no matter whether the Windows firewall is enabled or disabled. No additional settings are required.

For a computer on which the agent is installed:

When the agent is installed, it is automatically registered as a firewall exception. So, it can pass through the Windows firewall no matter whether the Windows firewall is enabled or disabled. No additional settings are required.

For an agentless computer:

Add the TCP port (port number 445) to the Windows firewall exception list.

Related Topics:

To Page Top

Trademarks

All Rights Reserved. Copyright (C) 2013, 2014, Hitachi, Ltd.

Copyright, patent, trademark, and other intellectual property rights related to the "TMEng.dll" file are owned exclusively by Trend Micro Incorporated.