Securing communications between FotoWeb and Index Manager
Requirements for pushing Index Manager metadata to the FotoWeb database
When Index Manager hosts archives for a FotoWeb 8.0 server, it must be configured to push metadata to the database on the FotoWeb server.
- Open Index Manager Settings and go to General.
- On the Indexes tab, select Push metadata to FotoWeb server.
If Index Manager and FotoWeb are on the same physical Windows server, you can enter localhost:7200 to connect to FotoWeb's metadata database. If FotoWeb runs on a separate server, use the correct server name and make sure the firewall allows connections to port 7200. - Select Save and restart the service to incorporate the changes.
When Index Manager restarts, it will start polling for the FotoWeb database until it can make a connection. You can find evidence of this in the log on the Operations Center Status app.
Important firewall considerations
Port 7200, which is used for pushing metadata from Index Manager to FotoWeb MUST NOT under any circumstances be accessible from any networks where unauthorized people could access it.
Port 7000/7001, used for client communications from FotoWeb and FotoStation to Index Manager, SHOULD NOT be accessible from the Internet unless it is necessary to access Operations Center over the Internet. If this is necessary, we strongly recommend using HTTPS and opening only port 7001.
FWP Protocol requirements
When setting up archives on the FotoWeb server, each archive connects to an Index on the Index Manager service. This communication runs over the FWP/FWPS (secure, TLS) protocols on ports 7000 and 7001, respectively. If the FotoWeb and Index Manager servers are separate, the firewall on these servers needs to be configured to allow communications over these ports.
Tip: If Index Manager and FotoWeb servers are separate and run inside the same server room, using an unencrypted connection on port 7000 is recommended for performance reasons, since encryption is often not required for communications between servers in the same server room.