Source | Destination | Ports | Required for | Reason | Notes |
---|---|---|---|---|---|
Anywhere | {gridserver} | 443 TCP | All | HTTPS access to authenticate user | |
GridGuard™ Secured Device | {gridserver} | 389, 636 TCP | All token authentication configurations | Allows access to the GridGuard™ OpenLDAP server | |
{gridserver} | GridGuard™ Secured Device | 443 TCP | All cookie capture configurations | Allows GridGuard to submit HTTPS requests to secured portal | |
{gridserver} | DNS Servers | 53 UDP | Name resolution | Needed for DNS lookups | |
{gridserver} | SMTP Server | 25, 465 TCP | License Threshold Notifications, Self Registration, and GridKey | Allows sending system notification e-mails and user authentication based e-mails | |
{gridserver} | User Registry (LDAP) | 389, 636 TCP | LDAP based enterprise user registry | Allows GridGuard™ to verify user information for authentication | This is typically Active Directory but could be any internal LDAP server(s). |
{gridserver} | User Registry (MySQL) | 3306 TCP | MySQL DB enterprise user registry | Used to store user audit logs externally | (optional) |
{gridserver} | User Registry (MSSQL) | 1433 TCP | MSSQL DB enterprise user registry | Used to store user audit logs externally | (optional) |
{gridserver} | User Registry (PostgreSQL) | 5432 TCP | PostgreSQL DB enterprise user registry | Used to store user audit logs externally | (optional) |
{gridserver} | NTP Server | 123 UDP | All | For time synchronization using NTP | |
Management Network | {gridserver} | 22 TCP | All | Allow SSH access | |
Management Network | {gridserver} | 8443 TCP | All | Allow access to Management Console (ACC) | |
GridGuard™ Secured Device | {gridserver} | 1812, 1813 UDP | If RADIUS integration is enabled | Allows secured device to submit user credentials for authentication using RADIUS protocol | |
{gridserver} | www.syferlock.com, yum.syferlock.com | 80, 443 TCP | All | Download system updates | |
Internal Network | {gridserver} | 5432 TCP | Remote connection to PostgreSQL Database | Allows for remote access to the GridGuard™ database for report generation & maintenance | Valid for GridGuard-VA version 4.3 and higher |
Other GridGuard™ servers | {gridserver} | 389, 636, 6268, 6269 TCP | LDAP Replication | Allows instances in a GridGuard™ cluster to replicate LDAP data | |
GridGuard VA Required Network ACLs
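
The inbound rows of the table above, written as a default-deny nftables ruleset for the {gridserver} host. This is an added example, not SyferLock's own configuration: the page does not say how the ACLs are enforced, so nftables on the host is an assumption, and every address, set name and the table name are constructed placeholders (RFC 5737 documentation ranges). Outbound rows (DNS, SMTP, NTP, user registries, updates) are not covered here.

```nftables
#!/usr/sbin/nft -f
# Inbound filter for {gridserver}, derived from the ACL table.
# Assumption: enforced with nftables on the host itself.
# All addresses below are constructed placeholders; replace with real ranges.

table inet gridguard_acl {
    set mgmt_net        { type ipv4_addr; flags interval; elements = { 192.0.2.0/28 } }
    set secured_devices { type ipv4_addr; flags interval; elements = { 198.51.100.0/24 } }
    set cluster_peers   { type ipv4_addr; elements = { 203.0.113.11, 203.0.113.12 } }
    set report_hosts    { type ipv4_addr; flags interval; elements = { 192.0.2.32/28 } }

    chain input {
        type filter hook input priority 0; policy drop;

        iif "lo" accept
        ct state established,related accept
        ct state invalid drop

        # Anywhere -> 443 TCP: HTTPS access to authenticate users
        tcp dport 443 accept

        # Management Network -> 22 TCP (SSH) and 8443 TCP (Management Console)
        ip saddr @mgmt_net tcp dport { 22, 8443 } accept

        # Secured devices -> 389, 636 TCP (token authentication via OpenLDAP)
        ip saddr @secured_devices tcp dport { 389, 636 } accept

        # Secured devices -> 1812, 1813 UDP; remove if RADIUS integration is off
        ip saddr @secured_devices udp dport { 1812, 1813 } accept

        # Other GridGuard servers -> LDAP replication ports
        ip saddr @cluster_peers tcp dport { 389, 636, 6268, 6269 } accept

        # Internal Network -> 5432 TCP (remote PostgreSQL, GridGuard-VA 4.3 and higher)
        ip saddr @report_hosts tcp dport 5432 accept

        # Everything else is logged and counted before the drop
        log prefix "gridguard-drop " counter drop
    }
}
```

The ruleset can be syntax-checked without loading it by running `nft -c -f` on the file.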