Insight Communications Overview
Posted by Adam Zilliax, Last modified by Adam Zilliax on 07 May 2019 12:07 PM
Faronics Insight supports a number of configuration options for network communication. This document will detail these methods and their requirements.
Insight makes use of port 796 and 11796 for inbound traffic on student and teacher systems. These ports must be open to all inbound traffic for the product to function.
Insight further makes use of port 1053 for inbound and outbound UDP traffic to communicate status updates (when a student leaves a class for example). While the product can function without this port open some functionality (specifically when used in a 1:1 or BYOD device scenario) may be limited or unavailable.
Insight will make use of a number of dynamic ports for Student and Teachers to send information, these ports are selected at runtime by the operating system and will generally fall within a range between 49152 to 65535.
Thin Clients & Terminal Servers
Thin Clients connected to Terminal Servers will make use of dynamic ports above to ensure that each student will have a unique port number to communicate with the Teacher Console. This will require that the dynamic port range between 49152 to 65535 be open to inbound communication from the Teacher Console and Insight Connection server.
Insight Connection Server
The Insight Connection Server (ICS) is a communications component that can be loaded on a Windows Server to act as a central communications point for Student and Teacher machines to communicate with each other through. Installation of an ICS is required if Student workstations running Chrome OS (Chromebooks / Chromeboxes) are going to be monitored.
The Insight Connection Server is a standard TCP / IP connection over ports 8080 and 8085 and as such as long as a routable connection between the clients and the servers exist and traffic is not explicitly blocked this configuration should function in most network environments.
In most cases Faronics does recommend configuring and using an Insight Connection Server as it provides the most consistent results when deployed.
IP Broadcast is the default mode that the Insight Teacher and Student will install using. This method works well in small networks consisting of a single subnet and makes use of broadcast traffic on the local network to discover client machines and communicate between the Teacher and Student workstations. While this is method is perfectly acceptable for smaller networks it may not function as expected in situations where there are multiple subnets, VLAN’s are involved, or wireless traffic is being filtered.
IP Multicast is an optional mode that will allow Insight Teacher and Student workstations to make use of Multicast traffic on the local network. This method is somewhat more efficient from a traffic standpoint and may yield improvements in performance in some situations. Multicast traffic however may not be as reliable in some network configurations as it is typically restricted to a single subnet and may not function properly when clients are connecting over a wireless network.
Insight uses the multicast range of 220.127.116.11 to 18.104.22.168 when IP Multicast is enabled.
IP Directed Broadcast
IP Directed Broadcast is a configuration option that allows the Insight Teacher to target a network that is outside of its own subnet so that machines on that network segment or VLAN can be monitored. While this method does potentially allow the Teacher console to monitor machines outside of its own subnet this method will require that the network be configured to allow broadcast traffic to pass between the various segments of the network without being filtered or blocked.
To configure Insight to use IP Directed Broadcast you will need to configure Insight with the broadcast address for each network that you are going to monitor. A tool called DirBcastAddr.EXE is included in the Insight install package to assist in calculating this address.