Communication Ports Used By ControlUp: Hybrid Cloud (EU Customers)
    • Dark
      Light
    • PDF

    Communication Ports Used By ControlUp: Hybrid Cloud (EU Customers)

    • Dark
      Light
    • PDF

    Article Summary

    Architecture_v2023.png

    Outbound Connections

    Devices and servers used by ControlUp, providing configuration interface, data aggregration, upload and authorization validation for Solve access, and other services. This requires TCP 443 / SSL outbound connectivity to the following URLs:

    DNSPurpose
    fe1.controlup.comReal-Time DX login services, SOAP
    fe3.controlup.comReal-Time DX login services, SOAP
    rt-app.controlup.comReal-Time DX configuration services, SOAP
    rt-app-eu-central-1.controlup.comReal-Time DX configuration services
    rt-app-eu.controlup.comReal-Time DX configuration services
    mp.controlup.comReal-Time DX <> Solve query engine
    s3.eu-central-1.amazonaws.comReal-Time DX / Insights historical data uploads
    cu-ca-eu.controlup.comReal-Time DX Centralized Auditing services
    uploader-eu-central-1.controlup.comReal-Time DX / Insights historical data uploads, SOAP
    insights-hec.controlup.comHTTP Event Collector (HEC) Endpoint - telemetry data from ControlUp Monitors
    solve.controlup.comSolve backend

    Web Browser Access

    Administrators and other ControlUp users need to have web browser access (TCP port 443, https) to the following addresses:

    DestinationDetails
    https://solve.controlup.comControlUp Solve Portal
    https://insights.controlup.comControlUp Insights Portal
    https://[tenant-name].sip.controlup.com
    https://maps.google.com
    Edge DX Portal
    https://app.eu.scoutbees.ioScoutbees Portal

    Connectivity to Devices and Services in Your Network

    In most networks, the following will be required for proper functioning of the ControlUp Monitors and virtual machines being monitored:

    DestinationTypePortProtocolDetails
    ControlUp AgentTCP40705WCFIncoming TCP / WCF traffic from Console and Monitor cluster to ControlUp Agents
    ControlUp MonitorTCP40706Used for Console ⇔ Monitor and internal Monitor cluster communication
    ControlUp MonitorTCP135 - 139, 445RPC / WMI / SMBUsed for monitor deployment via the console
    Domain ControllersTCP389LDAPLDAP communication from the Real-Time Console and ControlUp Monitors with Domain Controllers

    The following is a comprehensive list of services that you want to monitor with ControlUp. This table includes information on the default ports and protocols. According to the case, there can be a source such as ControlUp Monitors, Real-Time Console, or Scoutbees Hives.

    There is no requirement to configure all and it depends on what you want to monitor:

    DestinationTypePortProtocolDetails
    Citrix XenDesktop ControllersTCP80 / 443HTTP/SCommunication with XenDesktop Infrastructure
    Citrix XenServer Pool Master/HostsTCP80 / 443HTTP/SCommunication with XenServer Infrastructure (and RRD communications)
    ControlUp AgentTCP135 - 139, 445, 49152-65535RPC / WMI / SMBAgent deployment and upgrades via the console Certain OOB actions, such as restarting the agent
    Data CollectorTCP40705WCFControlUp Console - Data collector port
    Domain ControllersTCP389LDAPLDAP communication with Domain Controllers
    NetScalersTCP443 / 80HTTP(S)Depending on what the administrator configured
    Nutanix/AHVTCP9440Communication with Nutanix Infrastructure
    VMware Horizon Connection ServerTCP443HTTPSCommunication with Horizon Infrastructure
    VMware vCenter ServerTCP443HTTPSCommunication with vSphere Infrastructure
    Linux ClientTCP22SSHCommunications with Linux machines

    Connection Requirements for APIs

    Depending on if you plan to use the respective API, enable the following API URIs:

    DestinationTypePortProtocolDetails
    https://*.cloud.com
    https://*.citrixworkspacesapi.net
    https://*.xendesktop.net
    TCP443HTTPSCommunication with Citrix Cloud
    https://sts.amazonaws.com
    https://ec2.amazonaws.com
    TCP443HTTPSAWS API
    https://management.azure.comTCP443HTTPSAzure API
    edgedx-functions.azurewebsites.netTCP443HTTPSCreating tenant for Edge DX

    Was this article helpful?