Monitoring Remote Servers Through Firewalls
Power Admin monitoring products contain a variety of modules that monitor different server resources. In general, the server resources are accessed through one of two ways:
- Standard protocol ports
- Windows RPC
Standard Protocol Ports
Standard Protocol Ports would be those ports that are used by a protocol-specific monitor. For example, the Web Page monitor uses HTTP, and therefore (by default) port 80 to access the remote server. The SMTP server monitor uses a default port of 25, POP3 is a default of port 110, etc. These standard protocol monitors therefore use the port specified by the relevant standard.
Windows RPC
Windows-specific monitors (Event Log monitor, Disk Space monitor, Service monitor, etc) use standard Windows RPC to access the underlying resources. Windows RPC uses TCP port 135 by default (although you can change this via tools on the Microsoft website). Because port 135 is targeted by much of the malware and worms on the Internet, we do not recommend opening that port on an Internet-facing firewall.
Windows 2008
Windows 2008 comes with a very strict firewall which is enabled by default. Go to Control Panel -> Windows Firewall with Advanced Security to the incoming rules, and enable the Remote Administration rule.
Test ...
To test if the ports are correctly opened, we recommend using a Windows app, like the Windows Event Log Viewer for example. Start eventvwr.msc and see if you can use it to connect to and view the remote Event Log. If this works, any firewalls in between are letting the requests through. For advanced firewalls like the one in Windows Server 2008, you should also try this with the Services applet (services.msc) and the Performance viewer (perfmon.msc) if you will be monitoring those resources.
