cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Network Security Concerns

serhat_balik
Helper

Network security team is pretty paranoid around these days after the Solarwinds hack, and they are checking every little detail. They are watching the processes and ports of nodes and agent hosts to see what is coming through. They asked me 2 questions, and it would be great help to ease the concerns of theirs.

 

1) Do we need to open port 443 bi-directionally between Agent Hosts <-> Managed Node? I always thought we have to, but in the documentation, the arrows only show one way, and the security team can't see any data that is flowing from Node to Agents.

I guess the Node has to send OneAgent update to the related hosts or configuration data at some point, so eventually it will talk back? I am a little confused.

https://www.dynatrace.com/support/help/setup-and-configuration/dynatrace-managed/basic-concepts/mana...

 

2) They've discovered Oneagentwatchdog.exe’ is listening to 50000, 50001, 50002 ports. We wonder what this process actually does?

4 REPLIES 4

pahofmann
DynaMight Guru
DynaMight Guru

1) The communication is unidirectional, only the agent sends data to the managed node.


2) The Watchdog makes sure all OneAgents processes (os agent, plugin engine,...) are running and (re)starts them if needed.

Dynatrace Certified Master - Dynatrace Partner - 360Performance.net

serhat_balik
Helper

Thanks Patrick for the clarification, but how does OneAgent updates are sent to the hosts then? This part is a little fuzzy to me.

The oneagent checks if updates are available, in case they are the agent gets them as the response to his request.

Dynatrace Certified Master - Dynatrace Partner - 360Performance.net

AntonioSousa
DynaMight Guru
DynaMight Guru

The Solarwinds hack was a wakeup call for a lot of people. Fortunately for us, Dynatrace users, there are a lot of protections in place, as can be seen in the blog post below. Working in the security domain myself, this has been one of the few companies coming forward with their inside security culture & practices:

https://www.dynatrace.com/news/blog/how-dynatrace-protects-its-software-development-and-delivery-lif...

Antonio Sousa

Featured Posts