What is the minimum access required to install the OPMS and to interact later on with ASM?
search cancel

What is the minimum access required to install the OPMS and to interact later on with ASM?

book

Article ID: 192482

calendar_today

Updated On:

Products

CA App Synthetic Monitor DX Application Performance Management

Issue/Introduction

In a high security environment with very limited internet access, through a proxy and only to limited URLs, will it be sufficient to have access to opp1.asm.ca.com and opp2.asm.ca.com for the OPMS installation and for further interaction with ASM (post-installation)?

Environment

Any OPMS

Resolution

For the installation it is a good idea to allow any outgoing traffic to ports 443 as there are some packages to download (OS and OS license specific), a few docker images (both from our and public repositories) and the API is also contacted (to register the station). 

Currently, the docker images are downloaded during the first service start, not during the installation and therefore the reason why it needs to wait until all the services are up and running. After the installation is completed (which also includes the first service start!) the firewall rules can be changed to reject anything except connections to the opp1.asm.com and opp2.as.com plus the services that needs to be monitored.