Security and High Availability

The default installation of Peregrine Management Suite does not include encryption or authentication of the communication between Neuron ESB, Management Suite, RabbitMQ and ElasticSearch servers. This is because a beginner typical installation will have all the components running on the same server or at-least on the servers behind firewall in same VLAN with local IP addresses being used.

When running all services on the same host server, secure the host ports with firewall. The default ports used by RabbitMQ are 5672 and 15672. Default ports used by ElasticSearch are 9200 and 9300. Default port used by Elastic Search is 51005. Default port used by Neuron Discovery service is 51002. Other ports used by Neuron ESB are defined in the application’s zone settings.

When running RabbitMQ and ElasticSearch on different servers, to ensure security and access control, setup new user account and password for RabbitMQ and ElasticSearch in addition to firewall settings for above ports.

If you need to secure traffic on the wire, configure SSL/TLS for RabbitMQ and ElasticSearch as well as the Management Suite installation. You may choose to configure SSL for the ports used by Neuron ESB and Discovery service as well. To configure SSL/TLS, consult the links in the reference section.

For high availability, you can cluster RabbitMQ, ElasticSearch and Event Processor service. For details on high availability consult the link for Management Suite performance testing white paper.