SyferLock Help Center

GridGuard VA Required Network ACLs


| Source | Destination | Ports | Required for | Reason | Notes |
|---|---|---|---|---|---|
| Anywhere | {gridserver} | 443 TCP | All | HTTPS access to authenticate user | |
| GridGuard™ Secured Device | {gridserver} | 389, 636 TCP | All token authentication configurations | Allows access to the GridGuard™ OpenLDAP server | |
| {gridserver} | GridGuard™ Secured Device | 443 TCP | All cookie capture configurations | Allows GridGuard to submit HTTPS requests to secured portal | |
| {gridserver} | DNS Servers | 53 UDP | Name resolution | Needed for DNS lookups | |
| {gridserver} | SMTP Server | 25, 465 TCP | License Threshold Notifications, Self Registration, and GridKey | Allows sending system notification e-mails and user authentication based e-mails | |
| {gridserver} | User Registry (LDAP) | 389, 636 TCP | LDAP based enterprise user registry | Allows GridGuard™ to verify user information for authentication | This is typically Active Directory but could be any internal LDAP server(s). |
| {gridserver} | User Registry (MySQL) | 3306 TCP | MySQL DB enterprise user registry | Used to store user audit logs externally | (optional) |
| {gridserver} | User Registry (MSSQL) | 1433 TCP | MSSQL DB enterprise user registry | Used to store user audit logs externally | (optional) |
| {gridserver} | User Registry (PostgreSQL) | 5432 TCP | PostgreSQL DB enterprise user registry | Used to store user audit logs externally | (optional) |
| {gridserver} | NTP Server | 123 UDP | All | For time synchronization using NTP | |
| Management Network | {gridserver} | 22 TCP | All | Allow SSH access | |
| Management Network | {gridserver} | 8443 TCP | All | Allow access to Management Console (ACC) | |
| Anywhere | {gridserver} | 443 TCP | All | HTTPS access to authenticate user | |
| GridGuard™ Secured Device | {gridserver} | 1812, 1813 UDP | If RADIUS integration is enabled | HTTPS access to authenticate user | |
| Anywhere | {gridserver} | 443 TCP | All | Allows secured device to submit user credentials for authentication using RADIUS protocol | |
| {gridserver} | www.syferlock.com, yum.syferlock.com | 80, 443 TCP | All | Download system updates | |
| Internal Network | {gridserver} | 5432 TCP | Remote connection to PostgreSQL Database | Allows for remote access to the GridGuard™ database for report generation & maintenance | Valid for GridGuard-VA version 4.3 and higher |
| Other GridGuard™ servers | {gridserver} | 389, 636 TCP; 6268, 6269 TCP | LDAP Replication | Allows instances in a GridGuard™ cluster to replicate LDAP data | |