Chaz - Keywatcher
Chazen pays for a service through Hoffman Security Solutions that utilizes Morse Watchman products for their security key cabinets located at the Chazen and Elvehjem buildings. These are primarily supported by Hoffman Security Solutions, but the server is hosted by DoIT SE Windows, and the security cabinet devices require being set up with static IP addresses on the Chazen network.
The scope of support expected from GDS is minimal, but the following information is documented for reference.
Contact Chazen Building Manager, Adam Hutchinson, for any additional information needed.
Server Info
- Hostname: chaz-key-01.doit.wisc.edu
- IP address: 144.92.74.5
- Location: Data Center - Hosted by SE team
- Local admin needed for client/server communication: kwtouch (see Last Pass for password by searching "Chazen Keywatcher Local")
Services Running on Server
Name | Log on as |
---|---|
KWTrueTouchServer | .\kwtouch |
Message Queuing | Network Service |
SQL Server (KWTTSERVER) | NT Service\MSSQL$KWTTSERVER |
SQL Server Agent (KWTTSERVER) | Network Service |
Keywatcher True Touch Cabinet Info
Device name | IP Address | MAC Address |
---|---|---|
chaz-kwt-01.doit.wisc.edu | 128.104.240.131 | 00:60:0c:82:d5:c2 |
chaz-kwt-02.doit.wisc.edu | 128.104.240.138 | 00-60-0c-82-d6-21 |
Client Info
The client is a software installed on specific computers to manage access to the key cabinets. These computers require a static IP address to communicate with the SQL database on the Keywatcher server. A static IP address via VPN can be used as well, as long as the source and destination addresses are amended to the existing firewall rules in place.
Client installers can be found on the Chazen Shared drive or obtained by Hoffman Security Solutions.
To configure the client on client computer:
- Open the KW True Touch software
- Select server configuration
- Enter the hostname of server: chaz-key-01
- Username: kwtouch
Password: See Last Pass and search for "Chazen Keywatcher Local"
Firewall Rules
Rules are already in place. Some rules are are managed by SEAM and some are by SE, depending on the the direction of the traffic...
- Port 137 - NetBIOS Name Service (UDP/TCP)
- Port 53 - DNS Name Service (UDP/TCP)
- Port 3527 - UDP/Port 1001 TCP - MSMQ Service
- Port 1801 KeyWatcher to Server
- Port 3005 – Client to server