Chapter 2. Implementation planning 87
Table 2-10 RC Proxy network ports for firewall 2 - Solution A
Table 2-11 RC Proxy network ports for firewall 3 - Solution A
The solution presented in this section allows the Controllers in the External and
Internal network zones to access Targets in the Internal and Servers zone.
However, this solution implies the deployment of the both Standalone and
Non-Standalone architectures.
In the next section, we present an alternative solution for CSI that can be simpler
and has requires less components and port to be opened in the firewalls.
However, this solution requests some changes at the Tivoli Framework physical
design, which is not always feasible in production environments.
Source Destination Protocol Description
Type
(Service)
Ports Type
(Service)
Ports
Controller
Proxy A
(rcproxy)
8100-
8110
Relay A2
(Relay)
8114 TCP Firewall rule
needed.
Initiated at service
startup time
Relay A2
(Relay)
8112-
8113
Controller Proxy A
(rcproxy)
8111 TCP Firewall rule
needed.
Initiated at service
startup time.
Relay B2
(Relay)
9213 Relay B1
(Relay)
9214 TCP Firewall rule
needed.
Initiated at service
startup time.
Polling interval is
2 seconds.
Source Destination Protocol Description
Type
(Service)
Ports Type
(Service)
Ports
Controller Proxy B
(rcproxy)
9200-
9210
Relay B2
(Relay)
9212 TCP Firewall rule
needed.
Initiated at
service startup
time.
Polling interval is
2 seconds.