TruView Firewall ports: Difference between revisions
Line 2: | Line 2: | ||
== Introduction == | == Introduction == | ||
A distributed TruView environment always contains a TVC. The TVC is the window to your data and it can be accompanied by a TVF, a TVP or both. Please note that a TVP (TruView Packet) acts a true packet collector, while a TVF (TruView Flow) is capable of showing results. | |||
== Solution == | == Solution == | ||
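Review bot: the Introduction paragraph in this hunk reads "acts a true packet collector", which is missing "as" ("acts as a true packet collector"). The contrast with the TVF being "capable of showing results" is also left implicit; if the point is that a TVP cannot show results on its own, say so directly.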
Line 14: | Line 8: | ||
=== TVC inbound ports === | === TVC inbound ports === | ||
{| border="1" cellpadding="1" cellspacing="1" style="width: | {| border="1" cellpadding="1" cellspacing="1" style="width: 558px;" | ||
|- | |- | ||
| style="width: | | style="width: 156px;" | '''destination''' | ||
| style="width: | | style="width: 72px;" | '''service''' | ||
| style="width: | | style="width: 312px;" | '''role''' | ||
|- | |- | ||
| style="width: | | style="width: 156px;" | tcp/443 | ||
| style="width: | | style="width: 72px;" | https | ||
| style="width: | | style="width: 312px;" | user portal | ||
|- | |- | ||
| style="width: | | style="width: 156px;" | tcp/22 | ||
| style="width: | | style="width: 72px;" | ssh | ||
| style="width: | | style="width: 312px;" | management cli | ||
|} | |} | ||
=== TVC outbound ports === | === TVC outbound ports === | ||
{| border="1" cellpadding="1" cellspacing="1" style="width: | {| border="1" cellpadding="1" cellspacing="1" style="width: 556px;" | ||
|- | |- | ||
| '''destination''' | | style="width: 156px;" | '''destination''' | ||
| '''service''' | | style="width: 70px;" | '''service''' | ||
| '''role''' | | style="width: 312px;" | '''role''' | ||
|- | |- | ||
| udp/53 | | style="width: 156px;" | udp/53 | ||
| dns | | style="width: 70px;" | dns | ||
| domain name service | | style="width: 312px;" | domain name service | ||
|- | |- | ||
| tcp/389 | | style="width: 156px;" | tcp/389 | ||
| ldap | | style="width: 70px;" | ldap | ||
| remote authentication | | style="width: 312px;" | remote authentication | ||
|- | |- | ||
| tcp/636 | | style="width: 156px;" | tcp/636 | ||
| sldap | | style="width: 70px;" | sldap | ||
| secure remote authentication | | style="width: 312px;" | secure remote authentication | ||
|- | |- | ||
| udp/123 | | style="width: 156px;" | udp/123 | ||
| ntp | | style="width: 70px;" | ntp | ||
| network time synchronization | | style="width: 312px;" | network time synchronization | ||
|- | |- | ||
| tcp/25 | | style="width: 156px;" | tcp/25 | ||
| smtp | | style="width: 70px;" | smtp | ||
| mailrelay | | style="width: 312px;" | mailrelay (email external notification) | ||
|- | |- | ||
| udp/161 | | style="width: 156px;" | udp/161 | ||
| snmp | | style="width: 70px;" | snmp | ||
| device health | | style="width: 312px;" | device health | ||
|} | |} | ||
=== TVF inbound ports === | === TVF inbound ports === | ||
{| border="1" cellpadding="1" cellspacing="1" style="width: | {| border="1" cellpadding="1" cellspacing="1" style="width: 559px;" | ||
|- | |- | ||
| '''destination''' | | style="width: 154px;" | '''destination''' | ||
| style="width: | | style="width: 72px;" | '''service''' | ||
| style="width: | | style="width: 315px;" | '''role''' | ||
|- | |- | ||
| tcp/443 | | style="width: 154px;" | tcp/443 | ||
| style="width: | | style="width: 72px;" | https | ||
| style="width: | | style="width: 315px;" | user portal (depreciated) | ||
|- | |- | ||
| tcp/22 | | style="width: 154px;" | tcp/22 | ||
| style="width: | | style="width: 72px;" | ssh | ||
| style="width: | | style="width: 315px;" | management cli | ||
|- | |- | ||
| udp/2055,udp/6343* | | style="width: 154px;" | udp/2055,udp/6343* | ||
| style="width: | | style="width: 72px;" | netflow | ||
| style="width: | | style="width: 315px;" | netflow packets from exporter | ||
|} | |} | ||
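Review bot: every table in this hunk heads its first column "destination" but fills it with a protocol/port (tcp/443, udp/53), and no column names the remote peer, so a firewall administrator cannot tell which hosts each rule should be scoped to. Rename that column to "port" and add a peer column (for example the LDAP, NTP and SMTP servers for the TVC outbound rows, the exporters for udp/2055,udp/6343*). In the TVF inbound table "user portal (depreciated)" should read "deprecated".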
Line 89: | Line 83: | ||
{| border="1" cellpadding="1" cellspacing="1" style="width: 500px;" | {| border="1" cellpadding="1" cellspacing="1" style="width: 500px;" | ||
|- | |- | ||
| '''destination''' | | style="width: 151px;" | '''destination''' | ||
| '''service''' | | style="width: 65px;" | '''service''' | ||
| '''role''' | | style="width: 266px;" | '''role''' | ||
|- | |||
| style="width: 151px;" | udp/53 | |||
| style="width: 65px;" | dns | |||
| style="width: 266px;" | domain name service | |||
|- | |||
| style="width: 151px;" | udp/123 | |||
| style="width: 65px;" | ntp | |||
| style="width: 266px;" | network time synchronization | |||
|- | |||
| style="width: 151px;" | udp/161 | |||
| style="width: 65px;" | snmp | |||
| style="width: 266px;" | interface utilization of exporter | |||
|} | |||
=== TVP inbound ports === | |||
{| border="1" cellpadding="1" cellspacing="1" style="width: 500px;" | |||
|- | |||
| style="width: 147px;" | '''destination''' | |||
| style="width: 68px;" | '''service''' | |||
| style="width: 267px;" | '''role''' | |||
|- | |||
| style="width: 147px;" | tcp/22 | |||
| style="width: 68px;" | ssh | |||
| style="width: 267px;" | management cli | |||
|} | |||
=== TVP outbound ports === | |||
{| border="1" cellpadding="1" cellspacing="1" style="width: 500px;" | |||
|- | |- | ||
| | | style="width: 143px;" | '''destination''' | ||
| | | style="width: 73px;" | '''service''' | ||
| | | style="width: 266px;" | '''role''' | ||
|- | |- | ||
| udp/ | | style="width: 143px;" | udp/53 | ||
| | | style="width: 73px;" | dns | ||
| | | style="width: 266px;" | domain name service | ||
|- | |- | ||
| udp/ | | style="width: 143px;" | udp/123 | ||
| | | style="width: 73px;" | ntp | ||
| | | style="width: 266px;" | network time synchronization | ||
|} | |} | ||
=== TruView internal communication ports === | === Distributed TruView internal communication ports === | ||
{| border="1" cellpadding="1" cellspacing="1" style="width: 500px;" | {| border="1" cellpadding="1" cellspacing="1" style="width: 500px;" | ||
|- | |- | ||
| style="width: | | style="width: 153px;" | '''destination''' | ||
| style="width: | | style="width: 65px;" | '''service''' | ||
| style="width: | | style="width: 264px;" | '''role''' | ||
|- | |- | ||
| style="width: | | style="width: 153px;" | tcp/443 | ||
| style="width: | | style="width: 65px;" | https | ||
| style="width: | | style="width: 264px;" | TVC -> TVF/TVP | ||
|- | |- | ||
| style="width: | | style="width: 153px;" | tcp/443 | ||
| style="width: | | style="width: 65px;" | https | ||
| style="width: | | style="width: 264px;" | TVF/TVP -> TVC | ||
|} | |} | ||
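Review bot: the TVP inbound table lists only tcp/22, while the internal communication table has tcp/443 for "TVC -> TVF/TVP", so a rule set built from the TVP section alone would block the TVC. The same applies in the other direction: none of the outbound tables list tcp/443 towards the TVC. State in the per-appliance sections that the internal tcp/443 rows apply in addition, or add those rows to each table with the TruView peer named.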
Revision as of 11:07, 19 November 2019
Introduction
A distributed TruView environment always contains a TVC. The TVC is the window to your data and it can be accompanied by a TVF, a TVP or both. Please note that a TVP (TruView Packet) acts as a true packet collector, while a TVF (TruView Flow) is capable of showing results.
Solution
TVC inbound ports
destination | service | role |
tcp/443 | https | user portal |
tcp/22 | ssh | management cli |
TVC outbound ports
destination | service | role |
udp/53 | dns | domain name service |
tcp/389 | ldap | remote authentication |
tcp/636 | sldap | secure remote authentication |
udp/123 | ntp | network time synchronization |
tcp/25 | smtp | mailrelay (email external notification) |
udp/161 | snmp | device health |
TVF inbound ports
destination | service | role |
tcp/443 | https | user portal (deprecated) |
tcp/22 | ssh | management cli |
udp/2055,udp/6343* | netflow | netflow packets from exporter |
(*) Inbound netflow services depend on the configuration of the exporting device.
TVF outbound ports
destination | service | role |
udp/53 | dns | domain name service |
udp/123 | ntp | network time synchronization |
udp/161 | snmp | interface utilization of exporter |
TVP inbound ports
destination | service | role |
tcp/22 | ssh | management cli |
TVP outbound ports
destination | service | role |
udp/53 | dns | domain name service |
udp/123 | ntp | network time synchronization |
Distributed TruView internal communication ports
destination | service | role |
tcp/443 | https | TVC -> TVF/TVP |
tcp/443 | https | TVF/TVP -> TVC |
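
The tables above can be used as an allow-list when reviewing firewall logs or a proposed rule set. The following is an added example, not part of the original page or the product: it transcribes the port matrix and flags flows that fall outside it. The role label EXT, the record format and the rule that appliance-to-appliance traffic is limited to the internal tcp/443 link are assumptions made for the example.

```python
# Port matrix transcribed from the tables on this page (added example).
INBOUND = {
    "TVC": {("tcp", 443), ("tcp", 22)},
    "TVF": {("tcp", 443), ("tcp", 22), ("udp", 2055), ("udp", 6343)},
    "TVP": {("tcp", 22)},
}
OUTBOUND = {
    "TVC": {("udp", 53), ("tcp", 389), ("tcp", 636),
            ("udp", 123), ("tcp", 25), ("udp", 161)},
    "TVF": {("udp", 53), ("udp", 123), ("udp", 161)},
    "TVP": {("udp", 53), ("udp", 123)},
}
# Internal links: tcp/443 between the TVC and each TVF/TVP, both directions.
INTERNAL = {("TVC", "TVF"), ("TVC", "TVP"), ("TVF", "TVC"), ("TVP", "TVC")}

def check_flow(src, dst, proto, port):
    """Return (allowed, reason). Roles: TVC, TVF, TVP or EXT (non-TruView host)."""
    svc = (proto.lower(), int(port))
    if src in INBOUND and dst in INBOUND:
        # Assumption: appliance-to-appliance traffic is the internal https link only.
        ok = (src, dst) in INTERNAL and svc == ("tcp", 443)
        return ok, "internal https" if ok else "not a documented internal link"
    if dst in INBOUND:
        ok = svc in INBOUND[dst]
        return ok, f"{dst} inbound" if ok else f"{dst} has no inbound {proto}/{port}"
    if src in OUTBOUND:
        ok = svc in OUTBOUND[src]
        return ok, f"{src} outbound" if ok else f"{src} has no outbound {proto}/{port}"
    return False, "no TruView appliance involved"

def audit(lines):
    """Parse 'src,dst,proto,port' records; return those outside the matrix."""
    findings = []
    for line in lines:
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        src, dst, proto, port = (f.strip() for f in line.split(","))
        allowed, reason = check_flow(src.upper(), dst.upper(), proto, port)
        if not allowed:
            findings.append((line, reason))
    return findings

# Constructed sample flows (hypothetical, not real captures).
SAMPLE = ["EXT,TVC,tcp,443", "TVC,TVP,tcp,443", "EXT,TVP,tcp,443",
          "TVF,TVP,tcp,443", "TVP,EXT,tcp,25", "EXT,TVF,udp,2055"]
if __name__ == "__main__":
    for line, reason in audit(SAMPLE):
        print(f"VIOLATION {line}: {reason}")
```

On the sample, tcp/443 to a TVP is accepted from the TVC but flagged from any other source, which is the distinction the per-appliance and internal tables make together.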