Preparing for Installation
Before starting the installation, gather the required data, open the required ports, and set up the servers, as described.
Communication Requirements
File Access Manager is a service-oriented solution, and as such, enables the distribution of its services on multiple servers. The model is flexible, and services can be shifted between servers to boost performance.
.NET
File Access Manager requires the latest ASP.NET Core 6.0.x Hosting Bundle. This bundle consists of the .NET Runtime and ASP .NET Core Runtime.
You can download the latest 6.0.x Hosting Bundle version from here.
Caution
Without completing this step, the installation will fail.
All servers hosting File Access Manager services, including all Activity Monitors, must have .NET Core 6.0.x installed as a prerequisite for the installation.
The administrative client computer and Business Website service server must contain .NET Framework 4.7.2.
Note
.NET Core and .NET Framework 4.7.2 can be installed on the same server.
Verifying .NET Core Settings
Complete the following steps to verify the version of .NET Core:
- Open a CMD window.
-
Execute the following command:
dotnet --list-runtimes
The output should consist of at least these two:
- Microsoft.AspNetCore.App 6.0.x
- Microsoft.NETCore.App 6.0.x
If the command did not execute or the two runtimes mentioned above are not in the output list, reinstall or repair the hosting bundle.
Inter-service Communication
File Access Manager uses SSL communications for all its deployed services.
SSL communications use Server and Client Certificates which, by default, are self-signed and created when each service is installed. While the operating system may not trust these certificates, File Access Manager components do trust them.
It is a best practice for all components to be in a safe, secure network, behind firewalls, even though SSL secured communication is enabled.
The table below lists the relationships among the services and clients.
Service | Clients | Default Port |
---|---|---|
Agent Configuration Manager | Activity Monitor Event Manager Central Data Classification Central Permissions Collector Data Classification Collector Permissions Collector Collector Installation Manager |
8000 |
Event Manager | User Interface Central Data Classification Scheduled Task Handler Central Permissions Collection Web Server |
8001 |
Reporting Service | User Interface | 8006 |
User Interface | File Access Manager Administrative Client | 8005 |
Workflow | User Interface | 8008 |
Elasticsearch | Event Manager Reporting Service Scheduled Task Handler User Interface Web Server Activity Analytics |
9200 |
Elasticsearch | Elasticsearch | 9300 |
RabbitMQ | Central Permissions Collector Central Data Classification Permissions Collector Data Classification Collector Activity Monitor Event Manager |
5671 |
RabbitMQ | Schedule Task Handler | 15671 |
Activity Analytics | None | 8010 |
Environment Variables
In some instances, a configured environment requires a proxy server for all File Access Manager server-wide outbound connections. In this case, the use of two environment variables is an option.
These specific variables need to be configured on the File Access Manager server(s) hosting the engine/collector/collector sync services that need to communicate with specific endpoints.
Updating or Changing Environment Variables
Both variables can be created and updated within a Windows Server System by navigating to Properties > Advanced > Environment Variables.
ALL_Proxy - The proxy server used on HTTP and/or HTTPS requests in case HTTP_PROXY and/or HTTPS_PROXY are not defined.
Example: `10.10.10.10:8080`
NO_PROXY - A comma-separated list of host names that should be excluded from proxying.
Example: `SOME.DOMAIN.COM, LocalFAMServer1, LocalFAMServer2`
After creating these variables, the corresponding File Access Manager services must be restarted for the changes to take effect.
Note
File Access Manager services need to be able to read from the environment variables. Therefore, it is recommended to create them as System Variables.
Ensuring HTTP/2 Support
Services will only accept http/2 connections (version 8.3 uses gRPC as the communication protocol, the requires http2).
Once fully installed, File Access Manager services should work seamlessly with http2. In some cases, some communication middleware components (such as load balancers, e.g.) may not be configured to support http/2, which may cause for communication failure and cause the installation to halt. As a pre-installation step, ensure all servers and communication middleware components are configured to support http/2.