Unsolved
1 Rookie
•
8 Posts
0
475
firewall requirement
I have existing eSRS GW 3.52 cluster with 2 nodes and a Policy Manager running. We only use it to monitor our DD, VMAX, PMAX and Isilon and will have no plan to monitor any other device in the future. Firewall was opened for those devices and they are working fine since day 1. I thought about upgrading the appliance to SCG but the disk space is not sufficient and I don't know how to expand the volume (OS level expansion) in eSRS Virtual Appliance. So, my plan is to shutdown eSRS and deploy SCG with the same IP. That way, I don't need to worry about firewall rules. In case, it does not work, I can rollback to eSRS.
I check the SCG doc and see new port are required. "Table 6. Network ports for local system". I know port 5700 is required for client access. 443 and 8443 are opened already. I can open 161 and 162. However, the traffic for ports below are not specified.
80 TCP and HTTP Outbound Communicate using HTTP. (Is the destination EMC Global / Enterprise servers?)
1311 TCP Outbound Communicate with Dell OpenManage Server Administrator. (Is the destination to Dell servers in our site? We don't want to add any Dell servers for eSRS monitoring)
5701 - 5704 TCP and HTTPS Inbound Collect telemetry from devices. (source is the EMC devices like DD, PMAX ect)
Thanks,
Andy
DellEMCSupport
Moderator
Moderator
•
631 Posts
0
May 2nd, 2023 13:00
Hi,
Thanks for your question. 80 is used for HTTP but it should prioritize HTTPS over 443. 1311 is for server monitoring, so if you aren’t using that you don’t need to. 5701-5604 are for communication with the devices but may not be necessary it depends on the networking between the SCG and the devices.
Let us know if you have any additional questions.
ayeung
1 Rookie
1 Rookie
•
8 Posts
0
June 13th, 2023 09:00
I am working with firewall team to get the port opened. The new Policy Manager is an appliance. Is it built with SuSE Linux?