Enabling and monitoring persistent connections in IT Management Suite 8.x
search cancel

Enabling and monitoring persistent connections in IT Management Suite 8.x

book

Article ID: 174422

calendar_today

Updated On:

Products

IT Management Suite Client Management Suite

Issue/Introduction

Please see the following document for more information before enabling persistent connections:

Troubleshoot NSE Processing in 8.5 and later

Enabling and monitoring persistent connections in your ITMS 8.x system.

"Persistent connection in IT Management Suite enables real-time data transfer from and to Symantec Management Agent and lets you perform tasks on client computers in real-time. For example, you can gather inventory on client computers in real time to validate the current hardware or software state.

"Persistent connection in IT Management Suite uses a WebSocket communication protocol. WebSocket operates over HTTPS and uses the standard HTTPS port (443) for communication. It does not require keeping additional ports open on the servers or on the client computers. It also uses existing SSL certificates for communication.

"When the persistent connection is enabled for the Notification Server, site servers, and all required agents, it is used for all management traffic: registrations, sending NSEs, policy downloads, etc. Note that the WebSocket protocol is not used for package downloads.

"If persistent connections are disabled or terminated by intermediate hardware, the communication reverts to using legacy HTTP or HTTPS protocols."

Source: About the Symantec Management Agent communication using persistent connection

Environment

Windows Server 2016 R2 or later supported server

IT Management Suite (ITMS) 8.x

Resolution

A persistent connection requires an HTTPS connection between the Agents and the desired server. Notification and Site Servers are required to have IIS 8.0 and higher. This is due to the need to use web sockets that were introduced in IIS 8. Server 2012 is needed to run IIS 8 as well. 

Please use the following steps to enable persistent connection in your environment:

NOTE: Ensure that WebSocket Protocol is enabled in Roles on the Notification Server and Site Servers you intend to use for persistent connections. 

  • In Server Manager, add Roles and Features, and under Roles, enable WebSocket Protocol under Web Server > Application Development

1) First, using the Symantec Management Console, go to the "Notification Server Settings", enable "Persistent Connection" and then "Save changes".

2) Second, go to Settings>All Settings>Agents/Plug-ins>Symantec Management Agent>Symantec Management Agent Communication Profiles and choose the Notification Server.

Click the "Edit" link to the right of "Persistent connection..." and the "Persistent Connection Settings for Communication Profile" dialog box appears.

Check the box to "

3) Third, go to Settings>Notification Server>Site Server Settings>Site Server Settings and click on "Global Site Server Settings". Then enable "Persistent Connection" and "Save changes".

Note:

Make sure the Task Server supports Websockets.

To enable support for the WebSocket Protocol, use the following steps:

    1. Open Server Manager.
    2. Under the Manage menu, click Add Roles and Features.
    3. Select Role-based or Feature-based Installation, and then click Next.
    4. Select the appropriate server, (your local server is selected by default), and then click Next.
    5. Expand Web Server (IIS) in the Roles tree, then expand Web Server, and then expand Application Development.
    6. Select WebSocket Protocol, and then click Next.
    7. If no additional features are needed, click Next.
    8. Click Install.
    9. When the installation completes, click Close to exit the wizard.
    10. Restart IIS services and Altiris Services on that Task Server.

Note:
Sometimes you may need to add these IIS Roles:

    • IIS-StaticContent
    • IIS-WebSockets

4) In order to monitor persistent connections from the Symantec Management Console, go to Reports>All Reports>Notification Server Management>Agent and click on "Agent Connection Status."

5) To verify the persistent connection for an individual client machine, open the Symantec Management Agent for that machine and look at the "Server Connection" (shown in yellow below).

Additional Information

NOTE: If Persistent Connections / Time Critical Management / Endpoint Management Workspaces / has been configured, please be advised that Persistent Connections uses a lot of CPU threads keeping connections opened on the SMP.  If you don't need Persistent Connections it's advised to turn them off.  This information is from the following KB article:

205352 How to troubleshoot NSE processing issues (see Step #8)

Powered by Wolken Software