Preparing to Install SDC

Before installing SmartSource Data Collector (SDC), review this article for special considerations.

Network Considerations

SDC is a specialized Web server. It receives HTTP requests from Web clients, processes the requests, and appropriately responds to the Web clients. The connections established between the clients and the server use TCP/IP. To make the required connection, the Web server must be listening on a predetermined port associated with a known IP address. The client must have knowledge of the IP address and connectivity to the Web server.

Before installing SDC, consider the issues related to the configuration of your network that enable the TCP/IP communication between the Web server and Web clients. Most importantly, keep in mind that the SDC server is a Web server that must be available for Web clients to make HTTP requests.

Load Balancer Considerations

If you plan to install SDC on multiple computers behind a load balancer, there are additional network and operations considerations.

• Install the same version on each SDC computer. When you upgrade versions, you need to install the new version on each before you bring any of them back on line.
• Configure each SDC computer the same way so that they are mirror images of each other. Any differences in configuration could cause problems during analysis, particularly for settings such as cookies.
• Implement a method of gathering the log files from each SDC computer and moving them to a location accessible by WebTrends Analytics. After you install SDC, you will create a WebTrends profile that specifies the collection of log files to use for reporting.
• Make sure that the client IP logged is not the IP address of the load balancer. Some load balancers are configured to overwrite the client IP address resulting in reports that show all traffic coming from one visitor.
• Webtrends does not recommend using X-Forwarded-For. This has the potential to pass multiple IP addresses, which will cause analysis failure. Configure your load balancer to allow client IP passthrough.
• Make sure that the load balancer is not configured to track visitor sessions, because hits from SDC contain all the data needed that enable WebTrends to identify visitor sessions. Configuring the load balancer to identify hits throughout the session slows the web server needlessly.
• As a best practice, you should configure the load balancer to host the SSL certificates if you want to use SSL. Hosting the certificates on each SDC server would put unnecessary burden on the server, degrading performance.

Security Considerations

Because external clients make requests to the SDC server, carefully consider the security of your server before installing SDC. The SDC server is a specialized Web server, but the security issues related to the SDC server are common to the security issues of standard Web servers.

Many types of threats are related to Web server operations:

• Unauthorized access to confidential data
• Data corruption
• Web site disruption
• Denial of Service (DoS) and other types of attacks

One approach to a secure configuration of the SDC server employs a “deny all” model. This approach begins with all services disabled, and enables only those services necessary for the operation of the SDC server. Specifically, do not enable services such as telnet, mail, and finger. For the SDC server, the only TCP/IP link to the Internet required is port 80. (Port 443 is also required if you use secure connections using SSL.)

Firewalls are often used to protect Web servers and internal corporate networks. You can select from many types of firewalls and numerous ways to configure them and their corresponding networks. To use a firewall (which can be composed of routers, network segments, and host computers), you need to determine the location of your SDC server relative to the firewall in your network. You can put the SDC server outside or inside of the firewall. If you place the Web server outside of the firewall, it is more susceptible to malicious attacks. However, if an attacker breaks in, only the boundaries of the SDC server will have been breached and not the entire corporate network.

The details about the types of security breaches and the methods for preventing these attacks are beyond the scope of this document. However, it is highly recommended that you address the security concerns before exposing the SDC server to external users.