Connectivity requirements

Contents

Connectivity requirements

This article or section is in the process of an expansion or major restructuring.

Overview

Find the connectivity requirements of every Nexthink product in the reference tables below. You can configure some of the products to use either a secure or a non secure channel for specific services (see the column Reason). Depending on their configuration, note that you may require to allow connections through a different port number.

If rule-based Collector assignment is turned on, the TCP channel of the Collector also connects to the Portal. Collectors use this connection to ask for their assigned Engine.

The Collector no longer requires a separate UDP channel to send end-user analytics to the Engine. That data as well as coordination data and updates may be optionally transmitted through the TCP channel. The default is to use TCP port 8443 for all Collector communications.

For each connection, the tables indicate the transport protocol used. When an application protocol handles the connection over the transport layer, the name of the application protocol precedes the name of the transport protocol.

Nexthink Experience Architecture

NXPlatform

Portal

In the following table, we describe the port that must be opened on the computers connecting to the Portal.

Port

Number

Protocol Direction

(IN/OUT)

Reason Domains
443 HTTPS / TCP OUT Access to the Portal (secure) Portal address

Finder

In the following table, we describe the different ports that must be opened on the computers running the Finder to communicate seamlessly with Nexthink Experience.

Port

Number

Protocol Direction

(IN/OUT)

Reason Domains
25 SMTP / TCP OUT Send email in case of error  
80 HTTP / TCP OUT Connection to the documentation web site doc.nexthink.com
HTTP / TCP OUT Verification of security certificates ocsp.verisign.com
443 WebSocket / TCP OUT User connection to the Portal  
WebSocket / TCP OUT User connection to the Engine  
HTTPS / TCP OUT Installation and updates of the Finder from the Portal Portal address
HTTPS / TCP OUT Support telemetry alib.nexthink.com
HTTPS / TCP OUT Connection to the Library library.nexthink.com

Collector

In the following table, we describe the different ports that must be opened on the computers running the Nexthink Collector to send data seamlessly with the Nexthink Engine.

Port

Number

Protocol Direction

(IN/OUT)

Reason
8443 WebSocket / TCP OUT Collector default TCP channel to the Engine and, if rule-based Collector assignment is turned on, to the Portal.
Applies to platforms: PlatformWindows.png PlatformMac.png


In addition, Windows Collector components call a Windows API method once every 24 hours that triggers a connection for client to domain controller operations through TCP port 135. Ephemeral TCP ports in the range 49152-65535 are used for service response.

Applies to platforms: PlatformWindows.png

Data Enricher

The Windows Server that runs the Data Enricher requires the following communication channel to reach Nexthink Experience. The ports for connecting to Active Directory through a secure or insecure channel are configurable (Active Directory default port numbers are shown).

Port

Number

Protocol Direction

(IN/OUT)

Reason Domain
53 DNS / UDP OUT Resolving destination names by reverse IP  
389 LDAP / TCP OUT Connection to Active Directory (non secure)  
443 HTTPS / TCP OUT Send AD and DNS data agora.reg.nexthink.cloud (reg is the availability region of the customer)
636 LDAPs / TCP OUT Connection to Active Directory (secure)