TruView Firewall ports: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 81: | Line 81: | ||
=== TVF outbound ports === | === TVF outbound ports === | ||
{| border="1" cellpadding="1" cellspacing="1" style="width: | {| border="1" cellpadding="1" cellspacing="1" style="width: 561px;" | ||
|- | |- | ||
| style="width: 151px;" | '''destination''' | | style="width: 151px;" | '''destination''' | ||
| style="width: | | style="width: 76px;" | '''service''' | ||
| style="width: | | style="width: 316px;" | '''role''' | ||
|- | |- | ||
| style="width: 151px;" | udp/53 | | style="width: 151px;" | udp/53 | ||
| style="width: | | style="width: 76px;" | dns | ||
| style="width: | | style="width: 316px;" | domain name service | ||
|- | |- | ||
| style="width: 151px;" | udp/123 | | style="width: 151px;" | udp/123 | ||
| style="width: | | style="width: 76px;" | ntp | ||
| style="width: | | style="width: 316px;" | network time synchronization | ||
|- | |- | ||
| style="width: 151px;" | udp/161 | | style="width: 151px;" | udp/161 | ||
| style="width: | | style="width: 76px;" | snmp | ||
| style="width: | | style="width: 316px;" | polling interface utilization of exporter | ||
|} | |} | ||
=== TVP inbound ports === | === TVP inbound ports === | ||
{| border="1" cellpadding="1" cellspacing="1" style="width: | {| border="1" cellpadding="1" cellspacing="1" style="width: 561px;" | ||
|- | |- | ||
| style="width: 147px;" | '''destination''' | | style="width: 147px;" | '''destination''' | ||
| style="width: 68px;" | '''service''' | | style="width: 68px;" | '''service''' | ||
| style="width: | | style="width: 328px;" | '''role''' | ||
|- | |- | ||
| style="width: 147px;" | tcp/22 | | style="width: 147px;" | tcp/22 | ||
| style="width: 68px;" | ssh | | style="width: 68px;" | ssh | ||
| style="width: | | style="width: 328px;" | management cli | ||
|} | |} | ||
=== TVP outbound ports === | === TVP outbound ports === | ||
{| border="1" cellpadding="1" cellspacing="1" style="width: | {| border="1" cellpadding="1" cellspacing="1" style="width: 559px;" | ||
|- | |- | ||
| style="width: 143px;" | '''destination''' | | style="width: 143px;" | '''destination''' | ||
| style="width: 73px;" | '''service''' | | style="width: 73px;" | '''service''' | ||
| style="width: | | style="width: 325px;" | '''role''' | ||
|- | |- | ||
| style="width: 143px;" | udp/53 | | style="width: 143px;" | udp/53 | ||
| style="width: 73px;" | dns | | style="width: 73px;" | dns | ||
| style="width: | | style="width: 325px;" | domain name service | ||
|- | |- | ||
| style="width: 143px;" | udp/123 | | style="width: 143px;" | udp/123 | ||
| style="width: 73px;" | ntp | | style="width: 73px;" | ntp | ||
| style="width: | | style="width: 325px;" | network time synchronization | ||
|} | |} | ||
=== Distributed TruView internal communication ports === | === Distributed TruView internal communication ports === | ||
{| border="1" cellpadding="1" cellspacing="1" style="width: | {| border="1" cellpadding="1" cellspacing="1" style="width: 557px;" | ||
|- | |- | ||
| style="width: 153px;" | '''destination''' | | style="width: 153px;" | '''destination''' | ||
| style="width: 65px;" | '''service''' | | style="width: 65px;" | '''service''' | ||
| style="width: | | style="width: 321px;" | '''role''' | ||
|- | |- | ||
| style="width: 153px;" | tcp/443 | | style="width: 153px;" | tcp/443 | ||
| style="width: 65px;" | https | | style="width: 65px;" | https | ||
| style="width: | | style="width: 321px;" | TVC -> TVF/TVP | ||
|- | |- | ||
| style="width: 153px;" | tcp/443 | | style="width: 153px;" | tcp/443 | ||
| style="width: 65px;" | https | | style="width: 65px;" | https | ||
| style="width: | | style="width: 321px;" | TVF/TVP -> TVC | ||
|} | |} | ||
Revision as of 11:18, 19 November 2019
Introduction
A distributed TruView environment always contains a TVC. The TVC is the window to your data and it can be accompanied by a TVF, a TVP or both. Please note that a TVP (TruView Packet) acts a true packet collector, while a TVF (TruView Flow) is equipped with a GUI and is capable of showing NetFlow results. However this GUI is available, it is depreciated and shouldn't be used anymore.
Solution
TVC inbound ports
| destination | service | role |
| tcp/443 | https | user portal |
| tcp/22 | ssh | management cli |
TVC outbound ports
| destination | service | role |
| udp/53 | dns | domain name service |
| tcp/389 | ldap | remote authentication |
| tcp/636 | sldap | secure remote authentication |
| udp/123 | ntp | network time synchronization |
| tcp/25 | smtp | mailrelay (email external notification) |
| udp/161 | snmp | polling device health status of exporter |
TVF inbound ports
| destination | service | role |
| tcp/443 | https | user portal (depreciated) |
| tcp/22 | ssh | management cli |
| udp/2055,udp/6343* | netflow | receiving netflow packets from exporter |
(*) inbound netflow services are depending on the configuration of the exporting device.
TVF outbound ports
| destination | service | role |
| udp/53 | dns | domain name service |
| udp/123 | ntp | network time synchronization |
| udp/161 | snmp | polling interface utilization of exporter |
TVP inbound ports
| destination | service | role |
| tcp/22 | ssh | management cli |
TVP outbound ports
| destination | service | role |
| udp/53 | dns | domain name service |
| udp/123 | ntp | network time synchronization |
Distributed TruView internal communication ports
| destination | service | role |
| tcp/443 | https | TVC -> TVF/TVP |
| tcp/443 | https | TVF/TVP -> TVC |