Getting Started > SAM Requirements > Additional SAM technology requirements > AppInsight for IIS requirements and permissions

AppInsight for IIS requirements and permissions

Review the requirements and permissions for configuring AppInsight for IIS nodes in your environment. AppInsight for IIS data is collected at the same default 5 minute polling interval as other application templates.

AppInsight for IIS requirements and permissions

  • PowerShell 2.0 or higher must be installed on the IIS server.
  • Administrator rights or equivalent credentials to the IIS server bring monitored is needed for configuration. Non-administrative permissions for polling and monitoring is only achievable using the optional Orion Agent.
  • IIS 7.0 or higher must be installed.
  • AppInsight for IIS supports the following versions of Microsoft operating systems and their respective IIS versions:

  • Microsoft OS Version >IIS Version Supported

    Microsoft Windows 2008

    IIS 7.0

    Microsoft Windows 2008 R2

    IIS 7.5

    Microsoft Windows 2012

    IIS 8.0

    Microsoft Windows 2012 R2 IIS 8.5

If any prerequisite is missing, the application goes into an Unknown state.

Some resources may not function properly in Internet Explorer 8 or earlier. Consider upgrading Internet Explorer or using an alternate web browser such as Firefox or Chrome.

AppInsight for IIS technologies and ports

The following table outlines the technologies and ports used by AppInsight for IIS:

The IIS server must have the ports open on the managed nodes.

Technology Port Notes
RPC Endpoint Mapper TCP port 135 SAM uses this port to establish WMI/RPC connections to the remote computer. RPC is required for getting performance counters information via the ASP.NET resource.
WMI TCP ports 1025 - 5000 or TCP ports 49152 - 65535 By default, Microsoft Windows uses a random port from this range for WMI communications. The default port range differs based on the operating system. You must create a firewall exception on the remote computer.
PowerShell TCP port 5986 This is a secure listener hosted in the WinRM service.
HTTP TCP, At least one port mentioned in the bindings of a site. If the connection is not allowed, the HTTP Monitor is hidden.
HTTPS TCP. At least one port mentioned in the secure bindings of a site. If the connection is not allowed, the HTTPS Monitor will be hidden.
SSL TCP. At least one port mentioned in the secure bindings of a site. If the connection is not allowed, the SSL Certificate Expiration Date Monitor will be hidden.
SMB (Windows Shares) TCP port 445 Used for Site Directory Information and Log Directory Information.