2.2 Device Communication

In order for Indeni to run its full set of intelligent knowledge checks, you need to Create a User in the management system for the device you want to add, then add that user to a Credential Set. We recommend creating a unique Indeni user for auditing and security purposes.

The privilege level required varies depending on the device type. When possible, we avoid the need to use an administrative account for accessing the device, but in some cases, it cannot be avoided due to limitations to the network device.

If communication between Indeni and the analyzed devices passes through a firewall, please allow the following:

  • SSH (TCP 22) – Used for collecting information from the analyzed devices.
  • HTTPS (TCP 443, 8082, 8088 or 8443)
  • Ping (ICMP Echo) – Devices are pinged regularly by Indeni to ensure they are responding.
  • SNMP – Used for collecting information from the analyzed devices.

Please see the below chart for vendor port requirements:

DEVICE VENDORSSH PORTHTTP PORTSNMP
BlueCat22 8088 or 8443
Blue Coat228082x
Check Point22xx
Cisco22x
F522443x
FireEye22xx
Fortinet22443x
Gigamon22xx
Juniper22xx
Palo Alto Networks22443
Radware22443x
Symantec22xx
Zscaler22xx

Common Communication Issues

If the Indeni server is unable to communicate with the device, it will return an error.  The most common reasons for a communication issue are:

  1. An issue with the credentials – either 
    1. You have mistyped the username/password in the Credential Set
    2. The device’s IP Address is not in the subnet(s) assigned to the Credential Set
    3. Those credentials don’t exist on that device or don’t have the correct permissions
    4. Missing Privileges Password for the following Vendors/Products:
      Bluecoat Proxy
      Cisco ASA
      FireEye NX
      Gigamon Gigavue
      Symantec CAS
  2. Connectivity issues between the device and the Indeni server.  This could be
    1. Basic connectivity between Indeni server and device.  The easiest way to test this is to log on directly to the Indeni server’s Linux interface and ping the device.
    2. SSH connectivity between the Indeni server and the device.  Validate that SSH is enabled on the device using port 22.

BlueCat acquires Indeni to boost its industry-leading DNS, DHCP and IP address management platform to help customers proactively assess network health and prevent outages.