====== MSP RMM - Site Concentrator ======
MSP Remote Monitoring & Management has a feature called a ''Site Concentrator'' that provides a central download point for updates:
- The designated Site Concentrator server downloads all updates
- The other machines in the site get their updates from the Site Concentrator
:!: This feature provides much of the functionality of Microsoft's WSUS Server without the complications.
The Site Concentrator server **provides its services via TCP port 8123**.
The Site Concentrator server **firewall must permit traffic to port 8123**.
===== Designate a Site Concentrator =====
**MSP RMM Dashboard -> Right-click a site -> Edit Site -> Site Concentrator (tab)**
- **Specify a server** to be the ''Site Concentrator''
- **Select** ''Open Windows Firewall'' checkbox
- **Save**
==== Configure the Site Concentrator ====
On the Site Concentrator server:
- **Open** the ''Advanced Monitoring Agent'' from the Start Menu and log in
- **Edit** ''Agent Settings'' (tab)
- **Deselect** ''Use a Proxy Server'' (disable proxy usage)
- **Save and test** the agent's connection
- **Restart** the ''Advanced Monitoring Agent'' **services** or **reboot**
{{:computing:security:msp_rmm_agent.png?200|Advanced Monitoring Agent Login}}
{{:computing:security:msp_rmm_agent_edit_agent_options.png?300|Edit Agent Options}} {{:computing:security:msp_rmm_agent_agent_conn.png?350|Agent Connection Settings}}
===== Test Access to Site Concentrator =====
Once you have performed the previous steps to designate a Site Concentrator, you should test the access.
We have seen where the above procedure does not always open the firewall on Domain Controller servers being designated as a Site Concentrator. You should test access and adjust the Site Concentrator's firewall if necessary.
- **Wait for a short interval** after the above procedure
* The MSP RMM agent adds the firewall rule to the Site Concentrator server
- **Test that the port is open** using ''telnet''
:!: The ''telnet'' feature must be installed on a Windows computer. It is not installed by default.
telnet YourSCHostName 8123
{{ :computing:security:msp_rmm_edit_site.png?650 |Edit Site}}
{{ :computing:security:msp_rmm_firewall_rule_site_concentrator_create.png?650 |Designate a Site Concentrator}}
==== Success or Failure ====
How to evaluate the results of your ''telnet'' test:
**If the port is open**, ''telnet'' will connect and display a **blank CMD box**.
**If the port is closed**, the DOS CMD box will just hang at ''Connecting...''
Press ''control-['' (escape) then type ''quit'' and press the ''enter'' key to exit ''telnet''. Hover over the following images for more tips.
{{ :computing:security:msp_rmm_firewall_rule_site_concentrator_test.png?600 |Test Port 8123}}
{{ :computing:security:msp_rmm_firewall_rule_site_concentrator_test_success.png?600 |A Successful Test}}
{{ :computing:security:msp_rmm_firewall_rule_site_concentrator_test_fail.png?600 |A Failed Test}}
===== Adjust the Windows Firewall on the Site Concentrator =====
:!: Domain Controllers use the **Domain Profile** of the Windows Firewall.
{{ :computing:security:msp_rmm_firewall_rule_site_concentrator.png?750 |Windows Advanced Firewall}}
{{ :computing:security:msp_rmm_firewall_rule_site_concentrator_properties.png?400 |Advanced Monitoring Agent Site Concentrator Rule}}
===== Symptom of Blocked Access to Site Concentrator =====
**If client access to a designated Site Concentrator fails**, you will often see **alternating failures and successes** in the Managed Antivirus updates. First the client tries to download the updates from the Site Concentrator (fails), then it tries to download the update from Internet servers (succeeds).
Once you **open the firewall** on the Site Concentrator, the **updates almost always succeed**.
{{ :computing:security:msp_rmm_mav_update_failures.png?400 |Alternating Update Failures}}
Once you fix the connectivity issue, you can initiate a MAV update using the **MSP RMM Dashboard**:
**Right-click a workstation -> Managed Antivirus Scan -> Update Threat Definitions**