Flow of data

Edit online

There are several different interactions that occur between the components of the License Metric Tool infrastructure and between the user and tool.

Diagram illustrating the flow of data within License Metric Tool

Arrow indicates the connection origination.

License Metric Tool domain

Interaction	Type	Connection	Description
a	REST API data traffic	Default port	9081
		Protocol	HTTPS
		Origination	Client that uses REST API connections
b	Web browser data traffic	Default port	9081
		Protocol	HTTPS
		Origination	Web browser
c	Extraction of virtualization hierarchy by using REST API	Default port	Specific to the type of virtualization manager
		Protocol	TCP (HTTP/HTTPS)
		Origination	VM Manager Tool

BigFix domain

Interaction	Type	Connection	Description
A	BigFix console data traffic	Default port	52311
		Protocol	HTTPS
		Origination	BigFix console
		Network controls	There is a "refresh rate" for each BigFix console user (default 15 seconds)
B	Directory server user authentication	Default port	389 or 636 (for SSL)
		Protocol	TCP (LDAP/LDAPS)
		Origination	WebReports
		Network controls	N/A
C	REST API data traffic	Default port	8080 or 8083
		Protocol	TCP (HTTP/HTTPS)
		Origination	BigFix server
		Network controls	N/A
D	Directory server user authentication	Default port	389 or 636 (for SSL)
		Protocol	TCP (LDAP/LDAPS)
		Origination	BigFix server
		Network controls	N/A
E	Download of new data from external HCL fixlet servers Note: For more information, see: Firewall exceptions (BigFix scenario)	Default port	80 (typically); possibly 443
		Protocol	TCP (HTTP/HTTPS)
		Origination	BigFix server
		Network controls	This communication is optional. In case of no Internet connection, you need to update the fixlet site manually. There is a configurable interval that the BigFix server checks for new fixlet messages.
F	Gather, post, download	Default port	52311
		Protocol	TCP (HTTP/HTTPS)
		Origination	BigFix client
		Network controls	Configurable bandwidth throttling to BigFix relay or clients Configurable gather interval. The default is `1` per day per fixlet site. Configurable minimum time to wait between posts. The default is `15` seconds. Configurable temporal distribution (spread out downloads over time) per action The ability to set "policy" to prevent computers from downloading files if they are not pointed at the proper BigFix relay
G	UDP new information message	Default port	52311
		Protocol	UDP
		Origination	UDP messages are sent from the immediate parent of the BigFix client. It can be either a BigFix relay or the BigFix server.
		Network controls	Configurable limit of the number of UDP messages sent at one time from a BigFix relay Configurable limit of the amount of time to wait after sending UDP messages from a BigFix relay
H	Relay selection	Default port	None
		Protocol	ICMP
		Origination	Each BigFix client sends progressive rounds of ICMP packets to each relay with increasing TTLs until a BigFix relay responds. For example, in a network of 2 relays, one 1 hop away and one 2 hops away, the BigFix client sends an ICMP message to both with TTL 1 and receives 2 time exceeded messages from the local router. The BigFix client then sends an ICMP message to both relays with TTL 2 and receives one time exceeded message and one reply message. The BigFix client then chooses the relay that is one hop away.
		Network controls	Relay auto-selection can be disabled. Configurable interval for when the BigFix clients perform auto-selection Configurable limit on the maximum number of ICMP packets to send out in a time interval Configurable limit on the maximum number of rounds to send out during relay auto-selection
I	Extraction of virtualization hierarchy by using REST API	Default port	Specific to the type of virtualization manager
		Protocol	TCP (HTTP/HTTPS)
		Origination	VM Manager Tool
		Network controls	N/A

Cross domain

Interaction	Type	Connection	Description
1	Download of the scan results from endpoints	Default port	52311
		Protocol	TCP (HTTP/HTTPS)
		Origination	License Metric Tool server
2	Directory server user authentication	Default port	389 or 636 (for SSL)
		Protocol	TCP (LDAP/LDAPS)
		Origination	License Metric Tool server