Dell PowerStore 1000T EMC PowerStore Security Configuration Guide - Page 27

Appliance network ports related to file

Get Dell PowerStore 1000T PDF manuals and user guides View all Dell PowerStore 1000T manuals
Add to My Manuals
Save this manual to your list of manuals

Page 27 highlights

Table 2. Appliance network ports (continued) Port Service Protocol 587 3033 3260 SMTP Import iSCSI TCP TCP/UDP TCP 3261 5353 8443 Data mobility TCP Multicast DNS UDP (mDNS) VASA, SupportAssist TCP 8443, 50443, 55443, Windows import host TCP or 60443 agent, Linux import host agent, or VMware import host agent 9443 SupportAssist TCP Access Direction Description should be opened to allow Internet Security Association and Key Management Protocol (ISAKMP) traffic to be forwarded through your firewalls. IP protocol ID 50 should be set to allow IPSec Encapsulating Security Protocol (ESP) traffic to be forwarded. IP protocol ID 51 should be set to allow Authentication Header (AH) traffic to be forwarded. If closed, IPsec connection between PowerStore appliances will be unavailable. Outbound Allows the appliance to send email. If closed, email notifications will be unavailable. Outbound Required for storage import from legacy EqualLogic Peer Storage and Compellent Storage Center systems. • Inbound for Host Required to provide the following access to and ESXi host iSCSI services: access • External host iSCSI access • Bi-directional for • External or PowerStore embedded ESXi replication host iSCSI access • Outbound for storage import • Inter cluster access for replication • Storage import access from legacy EqualLogic Peer Storage, Compellent Storage Center, Unity, and VNX2 systems If closed, iSCSI services will be unavailable. Used by Data mobility to support reasonable replication performance on low latency connection. Bi-directional Used by Data mobility to support reasonable replication performance on high latency connection. Bi-directional Multicast DNS query. If closed, mDNS name resolution will not work. • Inbound for VASA • Required for the VASA Vendor Provider • Outbound for for VASA 3.0. SupportAssist • Required for the related SupportAssist Connect Home functions. Outbound One of these ports must be open when importing data storage from legacy storage systems. Outbound Required for SupportAssist REST API related to Connect Home. Appliance network ports related to file The following table outlines the collection of network ports and the corresponding services that may be found on the appliance related to file. Communication security settings 27

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
Table 2. Appliance network ports (continued)
Port
Service
Protocol
Access Direction
Description
should be opened to allow Internet Security
Association and Key Management Protocol
(ISAKMP) traffic to be forwarded through
your firewalls. IP protocol ID 50 should be set
to allow IPSec Encapsulating Security
Protocol (ESP) traffic to be forwarded. IP
protocol ID 51 should be set to allow
Authentication Header (AH) traffic to be
forwarded. If closed, IPsec connection
between PowerStore appliances will be
unavailable.
587
SMTP
TCP
Outbound
Allows the appliance to send email. If closed,
email notifications will be unavailable.
3033
Import
TCP/UDP
Outbound
Required for storage import from legacy
EqualLogic Peer Storage and Compellent
Storage Center systems.
3260
iSCSI
TCP
Inbound for Host
and ESXi host
access
Bi-directional for
replication
Outbound for
storage import
Required to provide the following access to
iSCSI services:
External host iSCSI access
External or PowerStore embedded ESXi
host iSCSI access
Inter cluster access for replication
Storage import access from legacy
EqualLogic Peer Storage, Compellent
Storage Center, Unity, and VNX2
systems
If closed, iSCSI services will be unavailable.
Used by Data mobility to support reasonable
replication performance on low latency
connection.
3261
Data mobility
TCP
Bi-directional
Used by Data mobility to support reasonable
replication performance on high latency
connection.
5353
Multicast DNS
(mDNS)
UDP
Bi-directional
Multicast DNS query. If closed, mDNS name
resolution will not work.
8443
VASA, SupportAssist
TCP
Inbound for VASA
Outbound for
SupportAssist
Required for the VASA Vendor Provider
for VASA 3.0.
Required for the related SupportAssist
Connect Home functions.
8443, 50443, 55443,
or 60443
Windows import host
agent, Linux import
host agent, or
VMware import host
agent
TCP
Outbound
One of these ports must be open when
importing data storage from legacy storage
systems.
9443
SupportAssist
TCP
Outbound
Required for SupportAssist REST API related
to Connect Home.
Appliance network ports related to file
The following table outlines the collection of network ports and the corresponding services that may be found on the appliance related to
file.
Communication security settings
27