Firewall configuration

Install Start of change IBM® Content Classification End of change behind a firewall. After installation, you might need to configure your firewall for the system to operate properly.

Opening ports to incoming requests

Content Classification components listen for requests on certain ports. By default, the Content Classification administration server listens for requests on port 18085, the data server uses port 18086, and the listener uses port 18087.

Start of change All Content Classification client requests should go through the listener port. This port must be accessible through the firewall, and only Content Classification client applications should be allowed to access this port. If you installed multiple listener components, ensure that all listener ports are open to client requests. End of change

Start of change If you run knowledge base instances or decision plan instances on different computers, these instances must reside behind the firewall. You must open ports on those computers so that the listener can communicate with them. End of change

If you run the Classification Center application, you also need to ensure that the computer on which Classification Center runs is open to accept requests. By default, the Classification Center runs on port 2121.

Start of change If you are requested by IBM Software Support to run the Trace Monitor to gather Content Classification data for problem analysis and resolution, ensure that the Trace Monitor port is accessible through the firewall. Only Content Classification client applications should be able to access the port. The Trace Monitor port should be open to the Windows computer on which the Trace Monitor application runs. End of change

Start of change Online help for Content Classification applications is available on the internet. You might need to configure your firewall to allow Content Classification applications to access online help. End of change

Enabling communication to other Content Classification servers

Your firewall might be configured to block executable files from communicating via HTTP, or communicating with other computers or network resources. The following executable files in the Classification_Home/Bin directory might need to be enabled to allow the system to function properly:

bnsAdmin88.exe
bnsConfig88.exe
bnsDServer88.exe
bnsDServerConverter88.exe
bnsExtractTexts88.exe
bnsInstall88.exe
bnsListener88.exe
bnsProcessManager88.exe
bnsRODP88.exe
bnsRWDP88.exe
bnsROKB88.exe
bnsRWKB88.exe
Process_console88.exe
Trace_server.exe
TraceMonitor.exe

In addition, you might need to enable additional client applications to work within your firewall. For example, if you write a client application that communicates with the server, your application must have permission to connect to the server.