TruView Firewall ports: Difference between revisions

From wiki.comcert.com
Revision as of 11:07, 19 November 2019

== Introduction ==

A distributed TruView environment always contains a TVC (TruView Central). The TVC is the window to your data, and it can be accompanied by a TVF, a TVP, or both. Please note that a TVP (TruView Packet) acts as a true packet collector, while a TVF (TruView Flow) is capable of showing results.

== Solution ==

=== TVC inbound ports ===

{| border="1" cellpadding="1" cellspacing="1"
|-
| '''destination'''
| '''service'''
| '''role'''
|-
| tcp/443
| https
| user portal
|-
| tcp/22
| ssh
| management cli
|}

=== TVC outbound ports ===

{| border="1" cellpadding="1" cellspacing="1"
|-
| '''destination'''
| '''service'''
| '''role'''
|-
| udp/53
| dns
| domain name service
|-
| tcp/389
| ldap
| remote authentication
|-
| tcp/636
| sldap
| secure remote authentication
|-
| udp/123
| ntp
| network time synchronization
|-
| tcp/25
| smtp
| mail relay (external email notification)
|-
| udp/161
| snmp
| device health
|}

=== TVF inbound ports ===

{| border="1" cellpadding="1" cellspacing="1"
|-
| '''destination'''
| '''service'''
| '''role'''
|-
| tcp/443
| https
| user portal (deprecated)
|-
| tcp/22
| ssh
| management cli
|-
| udp/2055, udp/6343*
| netflow
| netflow packets from exporter
|}

(*) The inbound NetFlow ports depend on the configuration of the exporting device.

=== TVF outbound ports ===

{| border="1" cellpadding="1" cellspacing="1"
|-
| '''destination'''
| '''service'''
| '''role'''
|-
| udp/53
| dns
| domain name service
|-
| udp/123
| ntp
| network time synchronization
|-
| udp/161
| snmp
| interface utilization of exporter
|}

=== TVP inbound ports ===

{| border="1" cellpadding="1" cellspacing="1"
|-
| '''destination'''
| '''service'''
| '''role'''
|-
| tcp/22
| ssh
| management cli
|}

=== TVP outbound ports ===

{| border="1" cellpadding="1" cellspacing="1"
|-
| '''destination'''
| '''service'''
| '''role'''
|-
| udp/53
| dns
| domain name service
|-
| udp/123
| ntp
| network time synchronization
|}

=== Distributed TruView internal communication ports ===

{| border="1" cellpadding="1" cellspacing="1"
|-
| '''destination'''
| '''service'''
| '''role'''
|-
| tcp/443
| https
| TVC -> TVF/TVP
|-
| tcp/443
| https
| TVF/TVP -> TVC
|}
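The tables above translate directly into a default-deny host firewall for each component. The following is an added example (not Comcert's or the TruView product's own tooling) that encodes the page's port tables and emits an nftables ruleset for one component; the peer addresses, the table name and the choice of nftables are assumptions, and the NetFlow ports must be adjusted to what the exporters actually send.

```python
"""Build an nftables ruleset for one distributed TruView component
(TVC, TVF or TVP) from the inbound/outbound port tables on this page."""

# Port tables as listed on the page (protocol, port, role).
INBOUND = {
    "TVC": [("tcp", 443, "user portal"), ("tcp", 22, "management cli")],
    "TVF": [("tcp", 443, "user portal (deprecated)"), ("tcp", 22, "management cli"),
            ("udp", 2055, "netflow"), ("udp", 6343, "netflow")],  # exporter-dependent
    "TVP": [("tcp", 22, "management cli")],
}
OUTBOUND = {
    "TVC": [("udp", 53, "dns"), ("tcp", 389, "ldap"), ("tcp", 636, "sldap"),
            ("udp", 123, "ntp"), ("tcp", 25, "smtp"), ("udp", 161, "snmp")],
    "TVF": [("udp", 53, "dns"), ("udp", 123, "ntp"), ("udp", 161, "snmp")],
    "TVP": [("udp", 53, "dns"), ("udp", 123, "ntp")],
}
INTERNAL_PORT = 443  # TVC <-> TVF/TVP, https, both directions


def nft_rules(component, peers):
    """Return nftables rule lines for `component` ("TVC", "TVF" or "TVP").

    `peers` maps the other components to their IPv4 addresses (assumed
    values, e.g. {"TVC": "192.0.2.10"}). Internal tcp/443 is only opened
    to/from those hosts; both chains drop everything not listed.
    """
    lines = ["table inet truview {",
             "  chain input {",
             "    type filter hook input priority 0; policy drop;",
             "    ct state established,related accept",
             "    iif lo accept"]
    for proto, port, role in INBOUND[component]:
        lines.append(f'    {proto} dport {port} accept comment "{role}"')
    for name, addr in peers.items():  # peer -> this component
        lines.append(f'    ip saddr {addr} tcp dport {INTERNAL_PORT} accept comment "{name} -> {component}"')
    lines += ["  }",
              "  chain output {",
              "    type filter hook output priority 0; policy drop;",
              "    ct state established,related accept",
              "    oif lo accept"]
    for proto, port, role in OUTBOUND[component]:
        lines.append(f'    {proto} dport {port} accept comment "{role}"')
    for name, addr in peers.items():  # this component -> peer
        lines.append(f'    ip daddr {addr} tcp dport {INTERNAL_PORT} accept comment "{component} -> {name}"')
    lines += ["  }", "}"]
    return lines


if __name__ == "__main__":
    print("\n".join(nft_rules("TVC", {"TVF": "192.0.2.20", "TVP": "192.0.2.30"})))
```

Load the output with `nft -f`; the outbound rules still allow the listed services to any destination, so narrow `dns`, `ntp`, `ldap` and `smtp` to the real server addresses once they are known.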