Search:
Advanced search
|
Firewall CollectorArticle ID: 78
Last updated: 18 Feb, 2015
DetailsContrary to the DB server, the Collector system is exposed to Internet because it has to communicate with the anonymizers (sometimes also with Google Maps). The DB server is located on an internal network. Requirements/Conditions/RestraintsInstructionsCollector configuration:
Three services run on the collector:
!!! ⇒ The reason why we speak of outgoing connection is that the Windows firewall is configured to ALLOW all outgoing connections and DENY all ingoing connections (all but the following two). When the RCS Collector service runs, it creates 2 rules in the Windows firewall:
The second rule is used to avoid leaving the port 80 open to all and filter only connections coming from the IP of the first anonymizer. It could happen that when you start the RCS Collector service, the anonymizer chain is not yet configured. In this case the rule no. 2 cannot be created because the first anonymizer IP address is not yet known.
|