Network Requirements

FlexNet Manager Suite 2023 R2 (On-Premises)
Important: The presentation server for the web interface of FlexNet Manager Suite issues the HSTS header (HTTP Strict Transport Security), consistent with security best practice. The impacts are:
  • Once the presentation server has been successfully accessed using the HTTPS protocol without any certificate errors, the client web browser enforces HTTPS for all future communication (for example, it automatically corrects any URL entered with the HTTP protocol). This also means that all security certificates must be kept up-to-date, because, in the event of a future certificate failure, no alternate access to the server is permitted.
  • If you only use the HTTP protocol to access your presentation server, you can continue to do so without impact. A possible configuration, for example, may mean that your browsers use the HTTPS secure protocol to access your production server, but you may have a test server in a less exposed network where you allow browsers to stay with HTTP exclusively. Both environments will function normally with the HSTS header in place.

General Settings

Category Requirement Notes

Internet Protocol version

IPv4, IPv6 and dual-stack

Remote execution (such as remote discovery and inventory collection) requires IPv4.

Communication between FlexNet Manager Suite in the cloud and the top-level inventory beacon server(s) requires IPv4.

Microsoft CAL device license calculations require IPv4 for CAL evidence collection and computer inventory.

Library downloads

  • For the ARL:
  • For the EOSL library:
  • For the SKU library:
  • For the PURLs:, including access to any sub-directories of this that may be returned to your server in response to its initial request.

The application server (or in multi-server implementations, the batch server) requires access to the URLs shown for downloading regular updates of the data libraries to which your license entitles you. In addition, if that server is protected from the Internet by a proxy server, access to those same URLs must be authorized by the proxy server.


Minimally, 80 (for HTTP) or 443 (for HTTPS) to access the central application server(s).

Note: Other optional inventory sources may require additional ports. For further details, refer to the topic Ports and URLs for inventory beacons in the online help.

Transport Layer Security (TLS)


TLS 1.2 is required for communication between the inventory beacon and the application server.

Communication between the application server and the Flexera Analytics server (powered by Cognos) does not support TLS 1.2 in the standard configuration. Please refer to Knowledge Base article Flexera Analytics connection to SQL Server Fails When Server is Configured to use TLS 1.2

FlexNet Manager Suite (On-Premises)

2023 R2