Architecting, installing and maintaining your SAS environment

Configure SAS MidTier Firewall

Accepted Solution Solved
Reply
Contributor SDV
Contributor
Posts: 23
Accepted Solution

Configure SAS MidTier Firewall

I have the task of configuring the SAS Intelligence Platform on Redhat Linux 6.x across three servers and need to have the firewalls (iptables) configured on each server.  So far it seems like we are set for the Metadata & Compute servers and now we are configuring the MiddleTier server. 

 

I have a question based on what is stated in the Middle Tier Administration Guide on page 45:  "To prevent these issues, you

can modify the firewall configuration to permit traffic to Java applications. Alternatively, you can manually update the SAS configuration to ensure that ports in the appropriate range are available through the firewall."
 
Then in the next paragraph the doc it discusses setting the JVM options to accomodate a firewall.  The question that I have is whether or not I will need to open the ports in the firewall based on the ports used for the JVM settings?  I think so, but confirmation would be great.
 
Maybe the "Alternatively" sentence above is meant to refer to opening the large port range:1024-65535
 
 

Accepted Solutions
Solution
‎09-20-2016 03:20 PM
Regular Contributor
Posts: 173

Re: Configure SAS MidTier Firewall

You would need to update iptables with the ports or port ranges for each jvm.

 

I believe the "alternatively" language/statement is saying that instead of updating iptables, you could configure your SAS applications to use ports already allowed on iptables (instead of the default ports).

View solution in original post


All Replies
Solution
‎09-20-2016 03:20 PM
Regular Contributor
Posts: 173

Re: Configure SAS MidTier Firewall

You would need to update iptables with the ports or port ranges for each jvm.

 

I believe the "alternatively" language/statement is saying that instead of updating iptables, you could configure your SAS applications to use ports already allowed on iptables (instead of the default ports).

☑ This topic is solved.

Need further help from the community? Please ask a new question.

Discussion stats
  • 1 reply
  • 349 views
  • 0 likes
  • 2 in conversation