Configuring a Host for the Data Collector
In preparation for installing the WISdom data collection services, the machine hosting these services must be configured with the appropriate OS and .NET applications. Additionally, it must have the capability to connect to both the Fortified WISdom API and any target SQL instances assigned to the collector for monitoring. This setup ensures that the WISdom services can effectively gather and transmit data, facilitating seamless monitoring and data collection.
For a PDF version of the WISdom Installation Requirements, use the link.
Host Configuration
Windows System Requirements
The WISdom data collection services require the correct operating system (OS) and .NET applications.
Key Requirements:
- OS Requirements
- The OS and patch level of the collector machine must be equivalent to or higher than those of all monitored target machines.
- Microsoft does not support WMI and performance metric connections from a lower-level OS or patch.
- The OS and patch level of the collector machine must be equivalent to or higher than those of all monitored target machines.
- Windows Management Framework (WMF) 5.1
- Typically included in most Windows OS and Server installations.
- .NET Desktop Runtime 8.0 or higher
- .NET Downloads (Linux, macOS, and Windows)
- Find the .NET Desktop Runtime in the "All .NET Downloads" page for the selected version, located in the right-hand column, second block down.
- .NET Downloads (Linux, macOS, and Windows)
Firewall Rules
To ensure seamless operation of the WISdom services and flow of data to the Fortified WISdom cloud, it is essential to configure the firewall and network devices to allow access to the necessary ports and API URLs.
This configuration includes:
- Access to Managed Servers on Specific Ports:
- SQL Server Port (usually 1433, but may vary)
- o SQL Browser for named instances – Port 1434
- WMI - Port 135 and 49154
- If 49154 is already in use, a range of 49152-65535 (RDP range) is required.
- Performance counters – Port 445
- Outbound firewall rules:
- Allow access to https://collectorapi.fortifiedwisdom.com
- IP Range: 20.85.14.224/29
Antivirus Exclusions
To ensure optimal performance of the WISdom service, it is recommended to exclude the following folders from antivirus scans.
Scanning these folders can degrade the performance of the collection service:
- %Installation Folder%\CollectorResults
- %Installation Folder%\UploadReady
- %Installation Folder%\ESUploadReady (If it exists)
C:\Program Files\Fortified\Wisdom\
Collection Host Server Sizing
The server build hosting the WISdom service will depend on the number of instances from which the service collects data. You may need to provision a VM to support data processing based on geographic location, domain, or subnet.
Follow these guidelines for VM sizing:
| 1~50 Servers | 50~200 Servers | 200+ Servers |
|---|---|---|
| 4 Processors | 8 Processors* | 12 Processors* |
| 8-16 GB RAM | 16 GB RAM | 32 GB RAM |
| 50 GB Storage | 75 GB Storage | 100 GB Storage |
It is possible to create 2 smaller VMs instead of one larger VM and separate the managed servers between them.
Service Account Requirements
These requirements are for the machine hosting the WISdom services.
- Windows Account
- The service account must be a Windows account, preferably a domain account.
- It is recommended to use the service account for all collections; see the collection requirements.
- The service account must be a Windows account, preferably a domain account.
- Log on as Service Permissions
- The account must have the "Log on as a Service" permission to run as a Windows service.
- Local Administrator Privileges
- The account must be a local administrator on the server hosting the WISdom service.
- These permissions ensure that the WISdom Collection service can function correctly and efficiently.
- The account must be a local administrator on the server hosting the WISdom service.