Home » Installation and Setup

Prerequisites


Prerequisites applicable for Firewall Analyzer version 7.5 (Build 7500) onwards

Prerequisites applicable for Firewall Analyzer version 7.4 (Build 7400) or earlier

Prerequisites applicable for Firewall Analyzer version 7.5 (Build 7500) onwards

This topic deals with the following prerequisites for setting up Firewall Analyzer in your enterprise.

Ports to be Freed

Firewall Analyzer requires the following ports to be free:

Port Number Protocol Usage
8500 HTTP This is the default web server port. You will access the Firewall Analyzer server from a web browser using this port number. You may change this port during installation.
514, 1514 UDP These are the default listener ports on which Firewall Analyzer listens for incoming logs exported from devices. You can add more ports on which Firewall Analyzer can listen for incoming logs.
33336 PostgreSQL This is the port used to connect to the PostgreSQL/MySQL database in Firewall Analyzer

 

Look up Changing Default Ports for help on changing the default ports used by Firewall Analyzer

 

Recommended System Setup

Apart from the System Requirements, the following setup would ensure optimal performance from Firewall Analyzer:

  • Run Firewall Analyzer on a separate, dedicated machine. The software is resource-intensive and a busy processor may slow down log collection.
  • Use the PostgreSQL bundled with Firewall Analyzer that runs on port 33336. You need not start another separate instance of PostgreSQL.

Changing Default Ports

Changing the default PostgreSQL port:

 

  • Open the database_param.conf file which is under <Firewall Analyzer Home>\conf directory and replace 33336 (PostgreSQL default port number) in url tag with the <desired port number> to which you want the application to listen the PostgreSQL database

url=jdbc:postgresql://localhost:33336/firewall?stringtype=unspecified

to

url=jdbc:postgresql://localhost:<desired port number>/firewall?stringtype=unspecified

  • Save the file

Changing the default web server port:

  • Open the server.xml file present in the <Firewall Analyzer Home>/conf directory and replace 8500 (HTTP default port number) in connector tag of <Service name="Catalina"> section with the <desired HTTP port number> to which you want the application to use for HTTP communication

<Connector acceptCount="100" connectionTimeout="20000" debug="3" disableUploadTimeout="true" enableLookups="false" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" port="8500" redirectPort="8443"/>

to

<Connector acceptCount="100" connectionTimeout="20000" debug="3" disableUploadTimeout="true" enableLookups="false" maxSpareThreads="75" maxThreads="150" minSpareThreads="25" port="<desired port number>" redirectPort="8443"/>

  • Save the file and restart the server.

 

Permission to access PostgreSQL to troubleshoot

  • Open the pg_hba.conf file which is under <Firewall Analyzer Home>\pgsql\data directory and add the line

host all all <IP address of the remote machine to be used to trouble shoot>/32 trust

 

after the line

 

host all all 127.0.0.1/32 trust

 

and save the file.

    # TYPE DATABASE USER ADDRESS METHOD

     

    # IPv4 local connections:

    host all all 127.0.0.1/32 trust

    # IPv6 local connections:

    host all all ::1/128 trust

     

    to

     

    # TYPE DATABASE USER ADDRESS METHOD

     

    # IPv4 local connections:

    host all all 127.0.0.1/32 trust

    host all all <IP address of the remote machine to be used to trouble shoot>/32 trust

    # IPv6 local connections:

    host all all ::1/128 trust

     

Prerequisites applicable for Firewall Analyzer version 7.4 (Build 7400) or earlier

 

Recommended System Setup

Apart from the System Requirements, the following setup would ensure optimal performance from Firewall Analyzer:

  • Run Firewall Analyzer on a separate, dedicated PC or server. The software is resource-intensive, and a busy processor may cause problems in collecting logs.
  • Use the MySQL bundled with Firewall Analyzer that runs on port 33336. You need not start another separate instance of MySQL.

Changing Default Ports

Changing the default MySQL port:

  1. Edit the mysql-ds.xml file present in the <FirewallAnalyzer_Home>/server/default/deploy directory.
  2. Change the port number in the following line to the desired port number:
    <connection-url>jdbc:mysql://localhost:33336/firewall</connection-url>

  3. Save the file and restart the server.

Changing the default web server port:

  1. Edit the sample-bindings.xml file present in the <FirewallAnalyzer_Home>/server/default/conf directory.
  2. Change the port number in the following line to the desired port number:
    <binding port="8500"/>
  3. Save the file and restart the server.

 

Copyright © 2014, ZOHO Corp. All Rights Reserved.
ManageEngine