Trend Micro ServerProtect supports Microsoft Windows and Novell NetWare platforms. If you are installing ServerProtect on your network for the first time, you must set the destination server as an Information Server, then configure the Normal Servers to join it. An Information Server must have at least one ServerProtect domain to manage its Normal Servers.
The following table shows the different installation environments for each ServerProtect setup component on Microsoft Windows platforms:
| Windows Version | Information Server | Normal Server | Management Console |
|---|---|---|---|
| Windows 2000 Professional | |||
| Windows 2000 Server/Advance Server | |||
| Windows 2003 Server family 32-bit | |||
| Windows 2003 Server family 64-bit | (WOW64) | (WOW64) | |
| Windows 2008 Server family 32-bit without Hyper-V | |||
| Windows 2008 Server family 64-bit with Hyper-V | (WOW64) | (WOW64) | |
| Windows 2008 Server family 64-bit without Hyper-V | (WOW64) | (WOW64) | |
| Windows 2008 server family 32-bits server core mode | |||
| Windows 2008 server family 64-bits server core mode | |||
| Windows XP Desktop family | |||
| Windows Vista Desktop family |
This section describes the firewall settings of ServerProtect components. Make sure to configure your firewall correctly ensure that the communication is open.
- Open the 1000-1009 port for TCP protocol.
1000-1009 is used by Management console to receive the event back message from information server.
The management console will listen at the port 1000 when startup. If the port is occupied by other program, management console will find one available port from 1000 – 1009.
- Open the 5005-5014 ports in TCP protocol.
Port 5005 is used to receive the commands from Management Console. Normally, 5005 must be opened. If it is used by other program, please find one available port from 5006-5014 and open firewall setting.
- Open ports 3000-3009 (UDP).
Port 3000 is used to receive broadcast message. If port 3000 is occupied by certain program, please find one available port from 3000-3009 one by one and open the firewall.
- Open ports 137-139 for RPC Over named pipe.
- 137 (UDP)
- 138 (UDP)
- 139 (TCP)
These ports are opened to enable SPNT to use RPC over named pipe protocol to communicate.
- Open port 3628 (TCP).
Port 3628 is used to receive event back.
- Open port 1921 for SPX/TCP with Netware.
Port 1921 is used to communicate with Netware in SPX/TCP protocol.
- Open port 5168 for listening RPC over TCP/IP from the Information Server.
Port 5168 is used to receive commands from information server.
- Open ports 137-139 for named pipe.
- 137 Protocol is UDP
- 138 Protocol is UDP
- 139 Protocol is TCP
These ports are opened to enable SPNT to use RPC over named pipe protocol to communicate.
Firewall settings in the netware machine with Normal Server.
- Open port 9921 (SPX/TCP).
This port is used to receive commands from the Information Server
If you are installing ServerProtect for the first time, and all the servers on your network are running a Windows Server, the installation is quite straightforward.
To deploy ServerProtect in a Microsoft Windows environment:
- Install the Information Server.
- Install the Normal Server on the Information Server computer.
- Install the Management Console on the Information Server computer.
You can install additional Management Consoles on any Windows server or desktop system computer in the network.
Only one Management Console can manage an Information Server at any given time. - Update ServerProtect pattern and scan engine files.
- Create additional ServerProtect domains to manage your Normal Servers.
- Install the remaining Normal Servers using the Management Console.
Steps 1, 2 and 3 can be executed simultaneously during the initial Setup.
Even in NetWare environments, the portion of the network where the Management Console and the Information Server play their roles still has to be installed and executed on Microsoft Windows platform(s). Only the ServerProtect Normal Server component for NetWare (NW) is installed on NetWare server platforms.
ServerProtect can be used to protect a file server network composed of server platforms of both Microsoft Windows and Novell NetWare.
ServerProtect can be managed from multiple locations across a WAN. However, to ensure proper network performance, Trend Micro suggests that you install Information Servers in the same network domain of a workgroup of the network as the Normal Servers they manage.
Because the Management Console uses TCP/IP to communicate with Information Servers, it’s easy to manage ServerProtect from any point inside most company Intranets.