Our environment has a wide spread of PC's across multiple connection
types. The two major sites are connected on the WAN inside the firewall
and the rest are all connected using DSL (with dynamic IP address
assignments) and are connected outside the firewall (without any form
of VPN).

We need to implement inventory collection across all sites to all
network connected assets.

The internal sites aren't a problem at all. The problems we're
identifying are with the external sites.

1) What ports will need to be opened for the site collection server to
communicate to the central database server in the DMZ?

2) Bearing in mind that the site collection server is behind a NAT and
the connection uses a dynamic address assignment, will the collection
fully work or will some functionality be hampered?

We've already found that the task server requires an ODBC connection to
the database server, so we've slimmed down the local server to only be
a Collection Server.

Jesse Pretorius
SysOps Consulting