NX Witness Merged Systems server communication
Hello support,
Kindly need to understand how the servers communicate after merging the system.
There is the following scenario:
Headquarter Server: Where NX Witness is installed, and all the branches' systems are merged to this HQ system.
Branch Servers: Each branch has an NX Witness server installed and, as mentioned, the system is merged to Headquarter's system.
There is a VLAN connection between the HQ and the branches.
- We used the following URL on the HQ server merge configuration: http://<branch server ip>:7001
The network administrator has noticed that the communication from the branch servers to the HQ server is happening via the real IP (through the internet), as all the branches are sending requests to the real IP of the organization.
Can you please clarify if this is possible? How can we keep the communication local? Is there a specific configuration?
Thank you
-
Hi nar ter,
Please check THIS support article, about the server hive architecture, to get an idea which information is shared among servers within a system and how.
If a system is connected to the Nx Cloud, the cloud relay servers will be used for the hive synchronization.
Disconnect the system from the Nx Cloud, and you can route all information as desired with the help of VLAN or other network configurations.
0 -
Hello Norman ,
We need urgent support for this as the client has security concerns.
All the branch servers which are merged to the HQ server are continuously applying and sending traffic to the client's real IP address on port 7001 TCP (a lot of servers and a lot of requests to the real IP).
What could be the reason? Is there a specific configuration in NX? How have the NX servers learnt the real IP addresses of the client?
Note:
- The client has restricted internet access on the branch servers already.
- No NX Cloud connections.
- The above article mentions that synchronization happens using the HTTP protocol. So what is that TCP 7001 traffic from each branch server to the outer real IP address?
- I have disabled the "update client automatically" and "time synchronization from internet" settings on the HQ system.
Thank you
0 -
Hi nar ter,
Thank you for reaching out to us. We appreciate your concerns regarding the given information, but with limited details provided, it becomes challenging to provide accurate assessments.
It is important to note that the system utilizes genuine IP addresses for communication, as this is the standard method for devices to interact over a network or the internet. Blocking such communication is neither feasible nor recommended.
If a VLAN has been properly set up, and external communication is restricted while also avoiding the use of cloud connections, there should be no communication outside the internal network. Although there might be occasional attempts, they should ultimately fail if you carefully examine the responses to these requests.
It is possible that the option "Send anonymous usage and crash statistics to software developers" is enabled, which could result in traffic outside the internal network. However, in most cases, this would also fail if the outside network is blocked.
To gain a better understanding of the issue at hand, it would be beneficial to have a clear overview of the current network topology and to identify the specific packets that are deemed suspicious.
Please provide us with any additional information you can share so that we can assist you more effectively. We are here to help and resolve any concerns you may have.
Best regards.
0
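The last reply asks for the specific packets deemed suspicious and for whether the outbound attempts actually succeed. The following is an added example, not part of the thread and not Nx tooling, that summarises TCP 7001 flows from internal hosts to non-internal addresses in a firewall export. The log format, all addresses, and the assumption that the internal (VLAN) address space is RFC 1918 only are constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumption: internal (VLAN) space is RFC 1918 only. Explicit networks are used
# because ipaddress.is_private also covers ranges that are not site-internal.
INTERNAL_NETS = [ipaddress.ip_network(n) for n in
                 ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
NX_PORT = 7001  # server port from the merge URL quoted in the thread

# Constructed sample firewall export: time src dst proto dport action
SAMPLE_LOG = """\
2024-01-10T09:00:01 10.20.1.5 10.10.0.5 tcp 7001 allow
2024-01-10T09:00:02 10.20.1.5 203.0.113.10 tcp 7001 deny
2024-01-10T09:00:03 10.20.2.5 203.0.113.10 tcp 7001 allow
2024-01-10T09:00:04 10.20.2.5 203.0.113.10 tcp 7001 allow
2024-01-10T09:00:05 10.20.3.5 198.51.100.7 tcp 443 deny
malformed line
2024-01-10T09:00:06 10.20.1.5 203.0.113.10 udp 7001 deny
"""

def is_internal(addr):
    return any(addr in net for net in INTERNAL_NETS)

def external_nx_flows(log_text):
    """Return {(src, dst): {"allow": n, "deny": n}} for TCP/7001 flows
    that start on an internal host and target a non-internal address."""
    flows = defaultdict(lambda: {"allow": 0, "deny": 0})
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 6:
            continue  # skip malformed records
        _, src, dst, proto, dport, action = parts
        try:
            s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            port = int(dport)
        except ValueError:
            continue  # skip unparsable addresses or ports
        if proto != "tcp" or port != NX_PORT or action not in ("allow", "deny"):
            continue
        if is_internal(s) and not is_internal(d):
            flows[(src, dst)][action] += 1
    return dict(flows)

def leaking_sources(flows):
    """Internal hosts whose external 7001 connections were actually allowed."""
    return sorted({src for (src, _), c in flows.items() if c["allow"] > 0})

if __name__ == "__main__":
    for (src, dst), c in sorted(external_nx_flows(SAMPLE_LOG).items()):
        print(f"{src} -> {dst}:{NX_PORT} allowed={c['allow']} denied={c['deny']}")
```

Sources with only denied attempts match the "attempts that ultimately fail" case described in the reply; sources with allowed flows are the ones to raise with the network administrator.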