Client-Side Port Definition
The client-side port definition feature enables a client application (of server type) to define its connection parameters before connecting to the server application. This enables the server application to control the number of client connections. In addition, if the client application is located behind a firewall, the server application will be able to accept the client connection by verifying its predefined connection parameters.
Security Benefits
The client-side port definition feature enables a customer to better control the data connections through their firewalls, by enabling them to precisely define the connections that can tunnel through the firewalls. This reduces the susceptibility to denial-of-service (DoS) attacks, where an excessive number of malicious application-level requests arrive at the same server-side port. This can result in the server application dropping its performance or even becoming unstable. It also affects the other applications on the same server or in the network.
Supporting Components
This feature applies to the following components:
- Configuration Server Proxy on all of its connections, except to its HA partners
- License Resource Manager when connecting to Configuration Server/Configuration Server Proxy
- Media T-Servers when connecting to Configuration Server/Configuration Server Proxy
- Network T-Servers when connecting to Configuration Server/Configuration Server Proxy
- Load Distribution Server on all of its connections with T-Server and Configuration Layer.
- Universal Router Server when connecting to Configuration Server/Configuration Server Proxy, T-Server, Custom Server, Stat Server, and DB Server
- Custom Server when connecting to Configuration Server/Configuration Server Proxy
- Outbound Contact Server when connecting to Configuration Server/Configuration Server Proxy, T-Server, Stat Server, and DB Server
- CPD Server and CPD Proxy Server when connecting to Configuration Server/Configuration Server Proxy and T-Server
- IVR Server and IVR Drivers for WVR for AIX, and for MPS when connecting to Configuration Server/Configuration Server Proxy
- Stat Server when connecting to Configuration Server/Configuration Server Proxy, T-Server, DB Server, and Interaction Server
- Genesys Voice Platform (GVP) when connecting to Configuration Server/Configuration Server Proxy
- Interaction Server when connecting to Universal Contact Server, Interaction Server, Email Server Java, Chat Server, SMS Server, Social Messaging Server, Classification Server, Stat Server, Message Server, and Configuration Server/Configuration Server Proxy
- Chat Server when connecting to Message Server, Configuration Server/Configuration Server Proxy, Interaction Server, and Universal Contact Server
- Web API Server Java when connecting to Configuration Server/Configuration Server Proxy, Solution Control Server, and Message Server
- Web API Server .NET when connecting to Configuration Server/Configuration Server Proxy, Solution Control Server, and Message Server
- SMS Server when connecting to Protocol Adapter, Interaction Server, Message Server, Configuration Server/Configuration Server Proxy, and Solution Control Server
- Classification Server when connecting to Configuration Server/Configuration Server Proxy and Message Server
- Social Messaging Server when connecting to Message Server, Configuration Server/Configuration Server Proxy, and Interaction Server
- Email Server Java when connecting to Configuration Server/Configuration Server Proxy, Message Server, Interaction Server, and Universal Contact Server
- Genesys Info Mart when connecting to Configuration Server/Configuration Server Proxy and Message Server
- CCPulse+ when connecting to Configuration Server/Configuration Server Proxy
- Workspace Desktop Edition (formerly known as Interaction Workspace) when connecting to Configuration Server, Stat Server, Universal Contact Server, Interaction Server, and T-Server/SIP Server.
Important
For Workspace Desktop Edition connections to Configuration Server, please refer to the
Workspace Desktop Edition Deployment Guide. For the other connections, the procedures described in this guide are applicable.
- Genesys Rules Engine and Genesys Rules Authoring Tool when connecting to Configuration Server/Configuration Server Proxy
- Genesys Interactive Insights on its connections between server components. Refer to Genesys Interactive Insights documentation for more information.
In addition, Enterprise SDK and Platform SDK support client-side port definition for Genesys components that support this feature. For details about how client-side port definition can be used in custom-built applications, refer to the appropriate API Reference for your development platform.
Known Issues and Recommendations
Several known issues exist in the current client-side port definition feature implementation:
- Activation of this feature requires you to supply client parameters, which Genesys recommends that you do through the Genesys Installation Wizard.
- The Media Configuration Wizard does not support the client-side port definition feature configuration. When installing T-Server in an environment where there will be a port-restricted firewall between T-Server and Configuration Server, you must initially configure and install such a T-Server manually.
- If the client-side port definition feature is enabled during T-Server installation, when T-Server starts, it will report warning messages in its log about command-line parameters related to this feature. Ignore these messages.
- If a client’s connection parameters to Configuration Server are defined manually in several different places, make sure that those entries are identical.
- If you add this feature to configured redundant components, the port number (and, optional, IP address) specified in the primary server Application object are automatically propagated to the backup server Application object. Correct these parameters in the backup server Application object manually.
- Genesys licensing functionality does not support the client-side port definition feature configuration.
Feature Configuration
To configure client-side configuration, do the following steps:
1. Specify the client’s connection parameters (the port number and optionally, the IP address). These parameters will be used for the initial connection to Configuration Server. [+] Show steps
You can specify the parameters while using the Genesys Installation Wizard to install the client or specify them manually.
Important Genesys recommends that you specify the port number (and, optional, IP address) of a client when you install it by using the Genesys Installation Wizard. If you decide to enable this feature later, you can either re-install the component and define the client’s connection parameters during the component installation, or specify the parameters manually. <tabber>
Using Wizard on UNIX=
- In the directory to which the component installation package was copied during Wizard configuration, locate a shell script called install.sh.
- Run this script from the command prompt by typing sh and the file name. That is: sh install.sh.
- Proceed with the installation according to the instructions in the component’s product documentation.
- At the prompt:
Client Side Port Configuration
Select the option below to use a Client Side Port. If you select this option, the application can use Client Side Port number for initial connection to Configuration Server.
Do you want to use Client Side Port option (y/n)?
Type y for yes, then press Enter.
- At the prompt:
Client Side Port port
Enter the port number that the client application will use for its TCP/IP connection to the Configuration Server, and pressEnter. Note that the installation script will not verify the availability of the component’s port number. You must specify a unique port number that is dedicated to this connection.
- At the prompt:
Client Side IP Address (optional), the following values can be used:
(Optional) Enter the IP address that the client application will use for its TCP/IP connection to the Configuration Server, and press Enter.
- Complete the component installation as specified in the component product documentation. During the installation, the client’s predefined port number (- transport-port <port number>) and IP address (- transport-address <IP address>) (if specified) will automatically be added to:
- The Command–Line Arguments text box on the Start Info tab of the server’s Application Properties dialog box, so that the application can be started with the Management Layer.
- The server application’s run.sh file, so that the application can be started by the startup files.
- The ImagePath in the Application folder in the Registry Editor, so the application can be started as a Windows Service.
|-|
Using Wizard on Windows=
- Launch the component’s Genesys Installation Wizard according to the instructions in the component’s product documentation.
- On the Client Side Port Configuration page, do the following:
- Select the Use Client Side Port check box.
- Specify the component’s (the client’s) parameters for connecting to the Configuration Server associated with this client application, as follows:
- Port: Enter the port number that the client application will use for its TCP/IP connection to the Configuration Server. Note that the installation script will not verify the availability of the component’s port number. Make sure that you specify a unique port number that is dedicated to this connection.
- (Optional) IP Address: Enter the IP address that the client application will use for its TCP/IP connection to the Configuration Server.
Important Genesys recommends that you specify the port number (and, optional, IP address) of a client when you install it by using the Genesys Installation Wizard. If you decide to enable this feature later, you can either re-install the component and define the client’s connection parameters during the component installation, or specify the parameters manually.
- Click Next.
- Complete the component installation as specified in the component product documentation. During the installation, the client’s predefined port number (- transport-port <port number>) and IP address (- transport-address <IP address>) (if specified) will automatically be added to:
- The Command–Line Arguments text box on the Start Info tab of the server’s Application Properties dialog box, so that the application can be started with the Management Layer.
- The server application’s run.sh file, so that the application can be started by the startup files.
- The ImagePath in the Application folder in the Registry Editor, so the application can be started as a Windows Service.
|-|
Manually=
You configure a client’s connection parameters by adding them as command-line parameters that are be used during component startup. You can start Genesys components by using the Management Layer, a startup file, a manual procedure, or the Windows Services Manager. For a server application, all these methods usually require command-line parameters in addition to an executable file name.
- Add one or both of the following parameters to the application’s command line depending on the method (see below) that will be used for starting the client application:
- -transport-port <port number>
- -transport-address <IP address> (if specified)
Where:
- <port number> is the port number that a client will use for its TCP/IP connection to Configuration Server.
- <IP address> is the IP address that a client will use for its TCP/IP connection to Configuration Server.
- To start the application manually, add the client’s connection parameters to the application’s command line. For example:
<switch>_server.exe -host <Configuration Server host> -port <Configuration Server port> -app <T-Server Application> -l <license address> -nco [X]/[Y] -transport-port <port number> -transport-address <IP address>
For more information about starting and starting Genesys components, see the product documentation for the component.
<tabber>
|
2. Add a Configuration Server Application object to the client’s Connections. [+] Show steps
- In Genesys Administrator, open the Provisioning tab and navigate to the folder containing the client application.
- Select the client application and open the Configuration tab.
- If the Configuration Server Application object to which the client will connect is not displayed in the Connections table in the General section, do the following:
- Above the table, click Add.
- In the Browse window, navigate as necessary and select the Configuration Server to which this client will connect.
- Click OK.
- In the Connections table of the General section section, select the Configuration Server Application object to which the client will connect, and click Edit above the table.
- In the Connection Info dialog box, open the Advanced tab.
- In the Transport Protocol Parameters text box, enter one or both of the following parameters:
port=<port number>
address=<IP address> Where:
- <port number> is the port number that a client will use for its TCP/IP connection to the server.
- <IP address> is the IP address (or host name) that a client will use for its TCP/IP connection to the server.
If you specify both of these parameters, use a semicolon as the delimiter. For example:
port=<port number>;address=<IP address> Important The parameters that you specify here must be the same as the parameters that you specified when installing the client.
- Click OK to save the new connection configuration.
|
3. (Optional) Add a client’s connection parameters to the server’s connections properties. [+] Show steps
Use these steps to specify a client’s parameters for connecting to a server application other than Configuration Server.
- In Genesys Administrator, open the Provisioning tab and navigate to the folder containing the client application.
- Select the client application and open the Configuration tab.
- If the server-type Application object to which the client will connect is not displayed in the Connections table in the General section:
- Above the table, click Add.
- In the Browse window, navigate as necessary and select the server to which this client will connect.
- Click OK.
- In the Connections table of the General section, select the server Application object to which the client will connect, and click Edit above the table.
- In the Connection Info dialog box, open the Advanced tab.
- In the Transport Protocol Parameters text box, enter one or both of the following parameters:
port=<port number>
address=<IP address> Where:
- <port number> is the port number that a client will use for its TCP/IP connection to the server.
- <IP address> is the IP address (or host name) that a client will use for its TCP/IP connection to the server.
If you specify both of these parameters, use a semicolon as the delimiter. For example:
port=<port number>;address=<IP address> Important When you add this feature to configured redundant components, the port number and IP address specified in the primary server Application configuration object are automatically propagated to the backup server Application configuration object. Correct these parameters in the backup server Application object manually.
- Click OK to save the new connection configuration.
|
