Prerequisites SmartCenter
Prerequisites SmartCenter
This document aims to demonstrate and formalize the prerequisites of SmartCenter. This includes the list of ports that must be opened, the agents that need to be previously authorized, and a description of their functions. Additionally, it provides an overview of the entire solution’s topology, whether it is internal in the Almaden cloud or in the client/partner environment where it will be implemented
ITAM SmartCenter summarized topology
SmartCenter Applications (cloud or replica)
Receiver:
The Receiver is a component of the SmartCenter solution responsible for receiving information sent by agents installed on servers and desktops. It centralizes the responsibility of receiving, decrypting, interpreting, and storing in a database all the information collected by the agents.
It ensures the security of the received data by authenticating the agents before allowing the transmission of information.
After receiving the data, the Receiver interprets and stores it in the corresponding database. It decrypts the received data and converts it to the appropriate format for storage. The Receiver is also responsible for filtering and enriching the data before storing it in specific databases of the SmartCenter solution.
The Receiver is a critical component of SmartCenter, as it is responsible for ensuring the integrity and reliability of the data collected by the agents. It is designed to be highly scalable, allowing it to handle large volumes of data and ensure that no data is lost or corrupted during the process of receiving and storing.
Site/Portal:
The SmartCenter Portal is the data exposure layer of the solution. It is responsible for providing a user-friendly interface for viewing and managing data collected by agents and stored in the solution’s databases.
Through the Portal, users can view reports, charts, and dashboards with information about the performance, capacity, and configuration of servers and desktops managed by the SmartCenter solution. In addition, the Portal allows users to manage their monitoring configurations and policies, such as adding or removing servers and desktops to be managed and configuring performance alerts.
The SmartCenter Portal also provides advanced data analysis features, such as the ability to correlate performance events and perform root cause analysis to identify issues affecting the performance and availability of managed servers and desktops. The Portal is highly customizable, allowing users to create custom reports and dashboards based on their specific monitoring and management needs.
AAU:
The AAU (Almaden Auto Updater) is a component of the SmartCenter solution that manages the automatic update of agents that collect information from monitored devices. It is responsible for scheduling automatic updates of agents, as well as controlling the updated versions made available in the SmartCenter cloud by comparing them with the versions installed on the monitored devices. Additionally, the AAU has the ability to distribute software directly to devices from the SmartCenter cloud, allowing updates to be made quickly and efficiently. With the AAU, it is possible to ensure that all agents are always up-to-date and functioning properly, contributing to the accuracy and reliability of the information collected by the SmartCenter solution. (WAN distribution).
ADW:
The ADW (Almaden Distribution Wizard) is a component of SmartCenter responsible for scheduling and managing software and update distributions via LAN. It communicates with the irradiating server, which is responsible for performing the distributions, and with the SRC (Secure Remote Control), which is the agent installed on the target machines. The ADW allows configuration of distributions according to the organization’s needs, defining which packages will be distributed, at what times, and to which machines. This helps to ensure that all machines managed by SmartCenter are up-to-date and have the necessary software for the proper functioning of the environment.
Conversion (data analyzer):
Conversion (data analyzer) is a component of the SmartCenter solution responsible for converting performance data collected from servers and desktops. It converts data from the granularity of collection to the granularity used in reports. For this, server data is collected minute by minute and converted to hourly points, while desktop data is collected hourly and converted to daily points. This application is essential to ensure the accuracy and reliability of reports generated by the SmartCenter solution.
Databases
Server DB
Server DB is a database in DB2 used to centralize configuration information for the solution and server data. It stores SmartCenter configuration information, such as server access credentials, server groups, and other general solution settings. In addition, it is also responsible for storing the information collected by SmartCenter agents, which is sent to the Receiver and subsequently written to the database. This information includes server performance data, service status, running processes, hardware resource usage, and other useful information for server monitoring and management. The Server DB database is one of the key components of the SmartCenter solution, as it is used to store and process most of the information collected by the solution’s agents.
Desktop DB
The Desktop DB database of the SmartCenter solution is responsible for storing information about desktops. It contains data such as hardware configuration, installed software, security updates, disk usage, memory usage, event history, among other information.
The Desktop DB database in DB2 is used by SmartCenter to provide desktop inventory information and for software and hardware asset management. It allows IT administrators to obtain accurate information about the desktops in their networks, which can help them identify issues and perform tasks such as software deployment, security patching, and hardware maintenance.
In Desktop DB, the Asset database is integrated with other parts of the SmartCenter solution, allowing the data collected about desktops to be used in performance and capacity reporting and analysis. It is also used to support automation and policy management features, enabling administrators to define policies to automatically manage desktops based on the information collected by SmartCenter.
RTM DB
RTM DB (Real-Time Monitoring Database) is a database in DB2 used by the SmartCenter solution to store real-time monitoring data from servers and network devices. It is responsible for collecting raw performance data, including CPU usage, memory, network, storage, and other system resources.
The RTM DB is a high-speed, low-latency database designed to store and manage large volumes of data in real-time. It allows the SmartCenter solution to monitor device performance in real-time and generate instant alerts and reports based on the collected metrics.
The data stored in the RTM DB is later transferred to other databases, such as the Server DB and Desktop DB, where it is converted and aggregated into more complex reports on performance, capacity, sizing, and other metrics.
Cache DB:
Cache DB is a cache database in REDIS used by SmartCenter to speed up data delivery and store temporary data. It is an in-memory data structure that allows for quick storage and retrieval of data without needing to access the database again.
SmartCenter DB:
The SmartCenter DB database in PostgreSQL used by SmartCenter is responsible for storing customization information for the portal. It is used to store report configuration information, dashboards, users, and other custom settings defined by users.
Traffic Hubs or traffic centralizer
Relay
The Relay is a data output or traffic centralizer used to allow the collected data traffic from agents via SSL and HTTPS.
Distribution probe (ADW Server)
The distribution probe is responsible for the contact between the SmartCenter cloud and the client’s network during a software, files and commands distribution.
Netscan
Netscan is the SmartCenter network discovery tool responsible for scanning the registered networks in search of devices that are connected but do not have the SmartCenter agent installed.
The main agents
SmartCenter Desktop/Server Agent (ADA / ASA)
These are the main collector agents for desktops and servers, respectively. All inventory, performance, and other data is collected and sent to the relay through them. It is an agent that enables the installation of the Relay module as well. The agent is developed in C++ and collects information by directly reading registry, WMI/DMI, or executing and handling commands. It compresses and encrypts (256-bit key) the information before transferring it over SSL.
SmartCenter Secure Remote Control Server (SRC)
This is a remote management agent responsible for on-lan and proxy-based remote access, as well as receiving software, file, and command distributions. It is developed based on the VNC protocol with encryption (256-bit key) added to information transfers.
SmartCenter Software Uninstaller (ASU)
This is the client that enables automated removal of software and files using silent and “brute force” methods. Uninstallation is performed based on reading a script called “Blacklst.ini”.
SmartCenter Auto Update (AAU)
This is an agent that seeks new updates for the tool. Based on a configuration made in the portal, it is possible to choose which agents will be automatically updated and what installation parameters they will receive.
Prerequisites communication ports
Below is the list of communication ports for the solution to work in its entirety.
| Feature | Origin | Ports | Direction | Protocol | Destiny | Description |
| All Agents or Relays only | Relays or all equipament | 443,80 | In/Out | SSL | environment-receiver.almaden.app | Communication with the SmartCenter Cloud on the internet via SSL or HTTP protocol. |
| New Ports | 5500, 5758, 5759, 5760 | In/Out | SSL | environment-receiver.almaden.app | ||
| Collector Agents when transmitting through relays | All equipment that will transmit through the relays | 1999 | In/Out | TCP | Relays | Communication between environment equipment and relays |
| Netscan | Netscan server | ICMP | In/Out | – | All Equipment | Discovery of machines on the network. |
| Netscan server | 137/138/139 | In/Out | TCP/UDP | All Equipment | ||
| Netscan server | 237/238/239 | In/Out | TCP/UDP | All Equipment | ||
| Netscan server | 161 (SNMP) | In/Out | TCP/UDP | All Equipment | ||
| Netscan server | 445 | In/Out | TCP/UDP | All Equipment | ||
| Distribution | Distribution server | 5900/5901¹ | In/Out | TCP | All Equipment | Transferring distribution files, commands and executables via LAN. |
| Support/Remote Internet Access | All Equipment | 7615/80/443 | In/Out | TCP/UDP | remote.automatos.com | Support/Remote access between client and server |
| All Equipment | 7615/80/443 | In/Out | TCP/UDP | All Equipment | ||
| Automatic update of agents and WAN distribution | All Equipment | 8081/8443 | In/Out | TCP/UDP | environment-aau.almaden.app | Automatic update of agents in the environment and file distribution via WAN |
| Geolocation | All Equipment | 80 | In/Out | TCP | ip-api.com | collects the geolocation of the equipment. |
Ex: environment-receiver.almaden.app to lad2-receiver.almaden.app.
¹ The standard communication ports of the distribution server with the equipment (5900/5901) can be changed if there is another tool in the environment that uses the VNC protocol.
² User that is part of the security group is required (Auto ADW SRC). Used for distribution and removal of software.
Prerequisites SmartCenter Service/Services Executables
For a better functioning of the SmartCenter services in the environment, we suggest to carry out the inclusion of our service executables and the services that start them as exceptions in the Antivirus / Firewall / GPO clients.
Below is a list of the main executables:
ADA – Almaden Desktop Agent
It is the main collector agent for desktops. From there, all inventory and performance information is collected and sent to the cloud.
executables: services:
C:\Program Files (x86)\Automatos\Desktop Agent\
• (Almaden) AutomatosDesktopAgent
• (Almaden) AutomatosRelay
C:\Program Files\Automatos\Desktop Agent\
• adacontrol.exe
• aengine.exe
• arelay.exe
• enumwindows.exe
• epc.exe
ASA – Almaden Server Agent
It is the main collector agent for servers. From there, all inventory and performance information is collected and sent to the cloud.
executables: services:
C:\Program Files (x86)\Automatos\Automatos server Agent\
• (Almaden) AutomatosServerAgent
• (Almaden) AutomatosRelay
C:\Program Files\Automatos\Automatos Server Agent\
• adacontrol.exe
• aengine.exe
• arelay.exe
• enumwindows.exe
• epc.exe
ASU – Almaden Software Unistaller
It is the client that enables automated removal of software and files by silent and “brute force” methods.
executables: services:
C:\Program Files (x86)\Automatos\Software Uninstaller\
• Uninstall
C:\Program Files\Automatos\Software Uninstaller\
• arun.exe
• asu.exe
• CopyUninstallLogFiles.exe
• ImpersonateUser.exe
• removebaidu.exe
ASRC – Almaden Secure Remote Control
Agent that receives the distribution of files, commands and software from the distribution server via LAN (Local Area Network)
executables: services:
C:\Program Files (x86)\Automatos\Secure Remote Control\Server\ • asrcs
C:\Program Files\Automatos\Software Uninstaller\
• asrcs.exe
• asrcsc.exe
• dialog.exe
• MSLogonACL.exe
• setcad.exe
• testauth.exe
AAU – (Almaden) Automatos Auto Update
Agent responsible for maintaining automatic agent updates and responsible for managing distributions via WAN.
executables: services:
C:\Program Files (x86)\Automatos\Auto Update
• (Almaden) Automatos Auto Update
C:\Program Files\Automatos\Auto Update\
• aau.exe
• aauinstaller.exe
• UninstallApp.exe
Netscan – Network Discovery
It is the ADA plugin responsible for the network scan to find equipment that has not yet had the agent installed.
ADW – Almaden Distribution Wizard
It is the ASA plugin responsible for turning a server into a distribution server.
Executables: services:
C:\Program Files (x86)\Automatos\Distribution Wizard\0
• adwe1
C:\Program Files\Automatos\Distribution Wizard\0
• adwe.exe
• adwutil.exe
• asrccel.exe
• asrcftl.exe
• schtaskadd.exe
• schtaskdel.exe
Relay Service
Service installed through ADA or ASA agents, responsible for concentrating and transmitting all information gathering data provided by the installed agent through a centralized point on the network. In this scenario, the sending of all collections is centralized in these equipments.
Minimum sizing for netscan servers, distribution server and relay servers
The minimum settings required for the relay to work are:
CPU: 2 Core 2.8 GHz+
Available disk space: 120 GB
Memory: 4 GB
Operacional system: Windows Server 2012 or higher
Agent data transmission methods
Our agents have three methods of transmitting data to the cloud:
Method 1 – Sending to centralized relays
The agent transmits the information collected through outgoing relays using port 1999 to connect to the relay, with that all information output will be centralized in the relays.
Method 2 – Sending directly to the cloud
The agent transmits the collected information directly to the Almaden cloud, requiring the release of all equipment to the internet.
Method 3 – Sending in a hybrid form
In this method, the agent will look for the relay in the network and if not found, it will use the local relay to transmit the information. An important alert is that in this method the relay installed locally on the equipment will always test the outgoing connection, if it is not released or correctly blocked, this can generate excessive denial logs in the firewall.
