Firewall ports: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
(16 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
== Introduction == | == Introduction == | ||
Please remember that Pulse, Software nPoint and Hardware nPoint are communication the same way. | |||
In general, nPoint is contacting the nGeniusPULSE Server, not the other way around. | |||
Service Test are executed by the nPoint. Device monitoring is done by nGeniusPULSE server or a Collector. | |||
Even when there's no Service Test running on the nPoint, the nPoint will contact nGeniusPULSE Server every minute to update its configuration. | |||
| |||
== Solution == | == Solution == | ||
=== Inbound nGeniusPULSE Server/Collector === | |||
=== Inbound nGeniusPULSE | |||
{| border="1" cellpadding="1" cellspacing="1" style="width: 500px;" | {| border="1" cellpadding="1" cellspacing="1" style="width: 500px;" | ||
|- | |- | ||
! scope="col" | | ! scope="col" | destination | ||
! scope="col" | service | ! scope="col" | service | ||
! scope="col" | role | ! scope="col" | role | ||
Line 38: | Line 46: | ||
| CLI | | CLI | ||
|- | |- | ||
| | | udp/123 | ||
| ntp | | ntp | ||
| network time server | | network time server | ||
Line 45: | Line 53: | ||
| | ||
=== | === Outbound nGeniusPULSE Server/Collector* === | ||
{| border="1" cellpadding="1" cellspacing="1" style="width: 500px;" | |||
|- | |||
! scope="col" | destination | |||
! scope="col" | service | |||
! scope="col" | role | |||
|- | |||
| udp/123 | |||
| ntp | |||
| network time synchronozation | |||
|- | |||
| udp/161 | |||
| snmp | |||
| snmp | |||
|- | |||
| tcp/443 | |||
| https | |||
| | |||
communication with virtual center and wireless controller | |||
|- | |||
| ip protocol #1 type 0 and 8 | |||
| icmp echo request/reply | |||
| ping monitorred devices | |||
|- | |||
| tcp/25 | |||
| smtp | |||
| email | |||
|- | |||
| tcp/386 | |||
| ldap | |||
| remote authentication | |||
|- | |||
| tcp/636 | |||
| sldap | |||
| secure remote authentication | |||
|} | |||
| (*) outbound services are depending on the features that are in use. | ||
| | ||
=== Inbound nPoint === | |||
{| border="1" cellpadding="1" cellspacing="1" style="width: 500px;" | |||
|- | |||
! scope="col" | destination | |||
! scope="col" | service | |||
! scope="col" | role | |||
|- | |||
| tcp/80 | |||
| http | |||
| web UI | |||
|- | |||
| tcp/22 | |||
| ssh | |||
| CLI | |||
|} | |||
| | ||
| === Outbound nPoint* === | ||
{| border="1" cellpadding="1" cellspacing="1" style="width: 500px;" | |||
|- | |||
! scope="col" | destination | |||
! scope="col" | service | |||
! scope="col" | role | |||
|- | |||
| tcp/443 | |||
| https | |||
| communication with nPoint | |||
|} | |||
(*) outbound services are depending on the Service Test configured. |
Latest revision as of 15:51, 21 July 2018
Introduction
Please remember that Pulse, Software nPoint and Hardware nPoint are communication the same way.
In general, nPoint is contacting the nGeniusPULSE Server, not the other way around.
Service Test are executed by the nPoint. Device monitoring is done by nGeniusPULSE server or a Collector.
Even when there's no Service Test running on the nPoint, the nPoint will contact nGeniusPULSE Server every minute to update its configuration.
Solution
Inbound nGeniusPULSE Server/Collector
destination | service | role |
---|---|---|
tcp/8443 | https | communication with nGeniusONE |
tcp/443 | https |
secure web UI communication with nPoint |
tcp/80 | http | web UI |
udp/514 | syslog | syslog receiver |
tcp/22 | ssh | CLI |
udp/123 | ntp | network time server |
Outbound nGeniusPULSE Server/Collector*
destination | service | role |
---|---|---|
udp/123 | ntp | network time synchronozation |
udp/161 | snmp | snmp |
tcp/443 | https |
communication with virtual center and wireless controller |
ip protocol #1 type 0 and 8 | icmp echo request/reply | ping monitorred devices |
tcp/25 | smtp | |
tcp/386 | ldap | remote authentication |
tcp/636 | sldap | secure remote authentication |
(*) outbound services are depending on the features that are in use.
Inbound nPoint
destination | service | role |
---|---|---|
tcp/80 | http | web UI |
tcp/22 | ssh | CLI |
Outbound nPoint*
destination | service | role |
---|---|---|
tcp/443 | https | communication with nPoint |
(*) outbound services are depending on the Service Test configured.