| Source | Destination | Ports | Required for | Reason | Notes |
|---|---|---|---|---|---|
| Anywhere | {gridserver} | 443 TCP | All | HTTPS access to authenticate user | |
| GridGuard™ Secured Device | {gridserver} | 389, 636 TCP | All token authentication configurations | Allows access to the GridGuard"’ OpenLDAP server | |
| {gridserver} | GridGuard™ Secured Device | 443 TCP | All cookie capture configurations | Allows GridGuard to submit HTTPS requests to secured portal | |
| {gridserver} | DNS Servers | 53 UDP | Name resolution | Needed for DNS lookups | |
| {gridserver} | SMTP Server | 25 TCP | License Threshold Notifications, Self Registration, and GridKey | Allows outgoing SMTP connections | Required only if using internal SMTP server |
| {gridserver} | User Registry (LDAP) | 389, 636 TCP | LDAP based enterprise user registry | Allows GridGuard" to verify user information for authentication | |
| {gridserver} | User Registry (Oracle) | 1521 TCP | ORACLE DB enterprise user registry | Allows GridGuard" to verify user information for authentication | |
| Anywhere | {gridserver} | 443 TCP | All | HTTPS access to authenticate user | |
| {gridserver} | User Registry (MySQL) | 3306 TCP | MySQL DB enterprise user registry | Allows GridGuard" to verify user information for authentication | |
| {gridserver} | User Registry (MSSQL) | 1433 TCP | MSSQL DB enterprise user registry | Allows GridGuard" to verify user information for authentication | |
| {gridserver} | User Registry (PostgreSQL) | 5432 TCP | PostgreSQL DB enterprise user registry | Allows GridGuard" to verify user information for authentication | |
| {gridserver} | NTP Server | 123 UDP | All | For time synchronization using NTP | |
| Internal Network | {gridserver} | 22 TCP | All | Allow SSH access | |
| Internal Network | {gridserver} | 8443 TCP | All | Allow access to Management Console (ACC) | |
| Anywhere | {gridserver} | 443 TCP | All | HTTPS access to authenticate user | |
| GridGuard™ Secured Device | {gridserver} | 1812, 1813 UDP | If RADIUS integration is enabled | HTTPS access to authenticate user | |
| Anywhere | {gridserver} | 443 TCP | All | Allows secured device to submit user credentials for authentication using RADIUS protocol | |
| {gridserver} | Anywhere | 80, 443 TCP | All | Download system updates | |
| Internal Network | {gridserver} | 5432 TCP | Remote connection to PostgreSQL Database | Allows for remote access to the GridGuard" database for report generation & maintenance | Valid for GridGuard-VA version 4.3 and highe |
| Internal Network | {gridserver} | 3306 TCP | Remote connection to MySQL Database | Allows for remote access to the GridGuard" database for report generation & maintenance | Valid for GridGuard-VA version 4.2 and lower |
| Anywhere | {gridserver} | 443 TCP | All | HTTPS access to authenticate user | |
| Anywhere | {gridserver} | 443 TCP | All | HTTPS access to authenticate user | |
| Other GridGuard™ servers | {gridserver} | 22 TCP, 389,636 TCP 6268,6269 TCP | LDAP Replication | Allows instances in a GridGuard™ cluster to replicate LDAP data | |
| Other GridGuard™ servers | {gridserver} | 5432 TCP | PostgreSQL Replication | Allows instances in a GridGuard™ cluster to replicate DB data | GridGuard-VA version 4.3 and highe |
| Other GridGuard™ servers | {gridserver} | 3306 TCP | All | Allows instances in a GridGuard™ cluster to replicate DB data | GridGuard-VA version 4.2 and lower |
GridGuard VA Required Network ACLs
Have more questions? Submit a request
Comments