Deploying ArcSight Platform and ESM on the Same Server

Micro Focus recommends that you install ArcSight Platform and ESM on different servers because this enables the use of ArcSight Platform high availability and provides the option to deploy additional capabilities in the future. However, if you plan to use only the ESM Command Center, you can install it on a single node on the same server where you installed ESM.

When you install the Platform, specify a OMT API Server Port that does not use the same port as the ESM server (default 8443). For more information about ArcSight Platform Firewall ports, see the Technical Requirements for ArcSight Platform. For example, when you use the ArcSight Platform installer, the example-install-config-esm_cmd_center-single-node.yaml sets the master-api-ssl-port to port 7443.

To deploy on the same server:

  1. Install ESM.

    Always install ESM before you install the Platform.
  2. Add the ESM https port in iptables using the following commands.

    1. To find your active zones, use the following command:
    2. firewall-cmd --get-active-zones
    3. To add the ESM port in iptables, use the following command. By default the port number is 8443, see Technical Requirements for ArcSight Platform.

      firewall-cmd --zone=public --add-port=<port_number>/tcp --permanent
      This step enables you to access ESM externally (outside the firewall).
    4. To reload the firewall so that the changes are applied, use the following command:

      firewall-cmd --reload
  3. Continue with the Platform preparation and deployment.