If you are hosting Asset Bank on your own servers then there are a number of options that are available to you, from hosting the whole stack on one server, to utilising your existing Web Tier and Database Cluster.
Asset Bank can run under the secure https protocol (port 443) or just over http (port 80). For incoming connections from the browser to the Webserver it is most common to use ssl and simply redirect all traffic, for that domain on port 80, to 443. This means that both of these ports should be open.
If the Webserver is not the same as the Application Server then either IIS or Apache will be using an AJP proxy to communicate with Tomcat on the application server over port 8009. Therefore, you will need to ensure that this port is open for communication between the servers.
If the database is not installed on the Application Server, and the database is MySQL/MariaDB then Asset Bank will be communicating with the database server over port 3306. Again, you will need to make sure that the communication through the firewall is allowed here. If the database is Microsoft SQL Server then the port will be the standard 1433. The SQL Server browsing port (1434) should also be allowed.
Asset Bank will send emails to its users to notify them of certain events, such as users registering or assets needing approval. An SMTP server, and if necessary, a port other than the default and a username and password can be specified in the ApplicationSettings.properties file. Details for Asset Bank's Active Directory integration, if this is a feature you have purchased, is also contained in this file, which is generally run over port 389.
There is an alternative upload method available to Asset Bank, which allows the usage of FTP. If this is required then port 21 will need to be opened. It is recommended to run the FTP server in Passive mode, so that both the command and data channels are opened by the client. This will require the opening of an additional port range. Ports 15000 to 15004 is the default port range for the VSFTPD server, which Asset Bank works well with on our hosted infrastructure.
To effectively support your application our Support team will need access to your Application server (from which we will need to be able to access the Database server) and Webserver. This is generally accomplished over ssh and Remote Desktop on Linux and Windows infrastructures, respectively. Please ensure that these ports remain open also.
In summary, your configuration may use any of the ports below for your installation:
- Webserver: 80, 443
- AJP Proxy: 8009
- MySQL/MariaDB: 3306
- Microsoft SQL Server: 1433, 1434
- SMTP: 25/587/465
- Active Directory: 389
- SSH: 22
- Remote Desktop: 3389
- FTP: 21 & 15000 to 15004
If you are running any non-standard ports in your infrastructure then please let us know about this in the installation phase as some configuration changes will need to be made to accommodate these.