Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Dell Financial Services Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Dell APEX Cloud Platform for Microsoft Azure Security Configuration Guide

PDF

Network security

Dell APEX Cloud Platform networking is configured during installation and the initial process.

Consult with your sales representative or partner to prepare your switches and network before installation.

Interface security

Interfaces within the Dell APEX Cloud Platform use Transport Layer Security (TLS) version 1.2 or later for secure communications. This includes the following:

  • Dell APEX Cloud Platform extension for the Windows Admin Center
  • Dell APEX Cloud Platform APIs

Services

Network communications are encrypted and authenticated between components using HTTPS or SSH. Clear-text protocols such as Telnet or FTP are not installed.

SSH is disabled by default on the Dell APEX Cloud Platform nodes. If SSH is required for system operations, it is dynamically enabled and disabled by the SSHD after the operation is concluded. If you override the configuration and enable SSH on the nodes, Dell APEX Cloud Platform cannot disable the service after use and the configuration with SSH enabled is retained.

Port mapping

The following ports are used to make the connections on the security control map:

Table 1. Security control map ports
Component or Service Source-Destination Port Protocol

KCS

Interface between Windows HCI OS and iDRAC

NA NA

USBNIC

USBNIC -> Redfish

169.254.0.2/24

443

TLS

Active Directory

Cloud Platform Manager Active Directory

636

LDAPs

Node iDRAC

USBNIC -> iDRAC

User: vxpsvc

Password: autorotated

443

HTTPS

Management network

Dell APEX Cloud Platform Manager and HCI OS management network

NA NA

Port proxy

Port forward -> USBNIC

9090

TLS

PowerShell

Interface between APEX Cloud Platform Manager and Windows HCI OS

5985

HTTP

Firewall requirements

For the Microsoft firewall requirements, see the Firewall requirements for Azure Stack HCI topic.

Table 2. Dell firewall requirements
Service URL Port number Type Function
ESE *.emc.com

443

8443

TCP Needed for communication between APEX Cloud Platform Manager to Dell Call Home servers.

Rate this content

Accurate
Useful
Easy to understand
Was this article helpful?
0/3000 characters
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\