TruView Firewall ports
Introduction
Please remember that Pulse, Software nPoint and Hardware nPoint are communication the same way.
In general, nPoint is contacting the nGeniusPULSE Server, not the other way around.
Service Test are executed by the nPoint. Device monitoring is done by nGeniusPULSE server or a Collector.
Even when there's no Service Test running on the nPoint, the nPoint will contact nGeniusPULSE Server every minute to update its configuration.
Solution
TVC inbound ports
| destination | service | role |
| tcp/443 | https | User Portal |
| tcp/22 | ssh | Management CLI |
TVC outbound ports
| destination | service | role |
| udp/53 | dns | domain name service |
| tcp/389 | ldap | remote authentication |
| tcp/636 | sldap | secure remote authentication |
| udp/123 | ntp | network time synchronization |
| tcp/25 | smtp | mailrelay |
| udp/161 | snmp | device health |
TVF inbound ports
| destination | service | role |
| tcp/443 | https | User Portal |
| tcp/22 | ssh | Management CLI |
| udp/2055,udp/6343* | netflow | NetFlow |
(*) inbound netflow services are depending on the configuration of the exporting device.
TVF outbound ports
| destination | service | role |
| udp/53 | dns | domain name service |
| udp/123 | ntp | network time synchronization |
| udp/161 | snmp | interface utilization |
TruView internal communication ports
| destination | service | role |
| tcp/443 | https | TVC -> TVF |
| tcp/443 | https | TVF -> TVC |