We working with our server teams to develop a 'golden image' for Server 2012 R2. As part of that effort we want to ensure that all of the appropriate configurations are made to allow us to do monitoring via NPM, SAM, etc. I've posted my list of requirements so far. What did I miss? What is on your list of requirements for monitoring a Server 2012 box? (No need to worry about application specific requirements like ActiveDirectory, etc. --- this is lowest common denominator stuff.)
| Rule Name | Directionality | Protocol | Port(s) | Purpose | References |
| SNMP | Inbound | UDP | 161 | SNMP queries | |
| SNMP Trap | Outbound | UDP | 162 | ||
| ICMP Echo | Inbound | ICMP | Ping | ||
| WinRM | Inbound | TCP | 5985 | Windows Remote Management allows PowerShell queries from polling engines | |
| WinRM HTTPS | Inbound | TCP | 5986 | Windows Remote Management allows PowerShell queries from polling engines | http://msdn.microsoft.com/en-us/library/aa384372(v=vs.85).aspx |
| WMI | Inbound | TCP | 135+ | WMI polling from Server and Application Monitor (+ is RPC Port Mapper >=1024) | http://support.microsoft.com/kb/154596 |
| SAM Agent | Inbound | TCP | 17778 | For use with SAM 6.2 agents | |
| SAM Agent | Ooutbound | TCP | 17778 | For use with SAM 6.2 agents |
Edit: Big HT to HolyGuacamole for catching my cut/paste error on ICMP Echo (oh the shame!) and for reminding me that WMI requires RPC Port Mapper (aka Every Port >= 1024 Known to Man). Also preemptively added the SAM Agent on his advice. Good call!