TruView Firewall ports: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 2: | Line 2: | ||
== Introduction == | == Introduction == | ||
A distributed TruView environment always contains a TVC. The TVC is the window to your data and it can be accompanied by a TVF, a TVP or both. Please note that a TVP (TruView Packet) acts a true packet collector, while a TVF (TruView Flow) is capable of showing results. | A distributed TruView environment always contains a TVC. The TVC is the window to your data and it can be accompanied by a TVF, a TVP or both. Please note that a TVP (TruView Packet) acts a true packet collector, while a TVF (TruView Flow) is equipped with a GUI and is capable of showing NetFlow results. However this GUI is available, it is depriciated and shouldn't be used anymore. | ||
== Solution == | == Solution == | ||
| Line 53: | Line 53: | ||
| style="width: 156px;" | udp/161 | | style="width: 156px;" | udp/161 | ||
| style="width: 70px;" | snmp | | style="width: 70px;" | snmp | ||
| style="width: 312px;" | device health | | style="width: 312px;" | polling device health status of exporter | ||
|} | |} | ||
| Line 74: | Line 74: | ||
| style="width: 154px;" | udp/2055,udp/6343* | | style="width: 154px;" | udp/2055,udp/6343* | ||
| style="width: 72px;" | netflow | | style="width: 72px;" | netflow | ||
| style="width: 315px;" | netflow packets from exporter | | style="width: 315px;" | receiving netflow packets from exporter | ||
|} | |} | ||
| Line 97: | Line 97: | ||
| style="width: 151px;" | udp/161 | | style="width: 151px;" | udp/161 | ||
| style="width: 65px;" | snmp | | style="width: 65px;" | snmp | ||
| style="width: 266px;" | interface utilization of exporter | | style="width: 266px;" | polling interface utilization of exporter | ||
|} | |} | ||
Revision as of 11:16, 19 November 2019
Introduction
A distributed TruView environment always contains a TVC. The TVC is the window to your data and it can be accompanied by a TVF, a TVP or both. Please note that a TVP (TruView Packet) acts a true packet collector, while a TVF (TruView Flow) is equipped with a GUI and is capable of showing NetFlow results. However this GUI is available, it is depriciated and shouldn't be used anymore.
Solution
TVC inbound ports
| destination | service | role |
| tcp/443 | https | user portal |
| tcp/22 | ssh | management cli |
TVC outbound ports
| destination | service | role |
| udp/53 | dns | domain name service |
| tcp/389 | ldap | remote authentication |
| tcp/636 | sldap | secure remote authentication |
| udp/123 | ntp | network time synchronization |
| tcp/25 | smtp | mailrelay (email external notification) |
| udp/161 | snmp | polling device health status of exporter |
TVF inbound ports
| destination | service | role |
| tcp/443 | https | user portal (depreciated) |
| tcp/22 | ssh | management cli |
| udp/2055,udp/6343* | netflow | receiving netflow packets from exporter |
(*) inbound netflow services are depending on the configuration of the exporting device.
TVF outbound ports
| destination | service | role |
| udp/53 | dns | domain name service |
| udp/123 | ntp | network time synchronization |
| udp/161 | snmp | polling interface utilization of exporter |
TVP inbound ports
| destination | service | role |
| tcp/22 | ssh | management cli |
TVP outbound ports
| destination | service | role |
| udp/53 | dns | domain name service |
| udp/123 | ntp | network time synchronization |
Distributed TruView internal communication ports
| destination | service | role |
| tcp/443 | https | TVC -> TVF/TVP |
| tcp/443 | https | TVF/TVP -> TVC |