Technical Architecture and Installation of dRofus Server
dRofus is based on a client/server architecture. The program is made up of several central components:
- A database server
- Web based services (Reporting server, document server, login server, web application, web based project administration system)
- Windows client program - dRofus
The database server, web based servers server can all be installed on the same or different computers. When using the program, you have to be connected to the database server. The database can either be hosted by dRofus or the customer can host the servers themself. This has the advantage that the customer can be in full control of the hardware and network facilities, especially if they have specific security requirements. dRofus requires external access to the server for operations and maintenance.
The dRofus client communicates with the dRofus database via TCP port 5432 and port 443 (HTTPS) for the report generator. In order to allow for such communication, these ports need to be open towards the database server.
For projects where dRofus' server is utilized, this means that any firewalls have to allow for outgoing TCP traffic on port 5432 (database traffic) and port 443 (HTTPS) (web based applications) against <servername> (depending which server is used)
Some clients/projects have their own dRofus servers, so traffic has to be permitted to the server specified by the user upon log in. Traffic to the database server is encrypted with SSL.
For more details on firewall requiremens see here: https://drofussupport.freshdesk.com/en/support/solutions/articles/16000022251-drofus-firewall-requirements