Port settings

As a best practice, use a firewall to protect the IMC server cluster by filtering the non-service data sent to the cluster. If the firewall is installed on the master server or subordinate servers, open the IP addresses of the subordinate servers or the master server in the firewall to ensure correct communication between them.

NOTE:

As a best practice to avoid legitimate packet fragments being filtered, do not use ACLs on switches to filter data packets destined for the IMC server cluster.
NTA/UBA typically uses probes for log collection. When a firewall is deployed between the probes and IMC, configure ACLs on the firewall to allow IP packets sent by the probes to IMC.

Make sure the ports used by the IMC components (listed in Table 16 and Table 17) are not blocked by the firewall.

Table 16: Port numbers used by the IMC platform

Default port number	Usage	Location
UDP 161	Port to add a device to the IMC	Device
UDP 22	Port for SSH operations	Device
TCP 23	Port for Telnet operations	Device
UDP 514, 515	Port for syslog operations	IMC server
UDP 162	Port for trap operations	IMC server
TCP 8080, configurable	HTTP access to IMC	IMC server
TCP 8443, configurable	HTTPS access to IMC	IMC server
UDP 69	Port for Intelligent Configuration Center to perform configuration management through TFTP	IMC server
TCP 20, 21	Port for Intelligent Configuration Center to perform configuration management through FTP	IMC server
TCP 2810	Port for data file backup and restoration by using DBMan	IMC server

Table 17: Port numbers used by the IMC NTA/UBA

Default port number	Usage	Location
UDP 9020, 9021, 6343	Port for the IMC server to receive logs	IMC server
TCP 8051	Listening port used to monitor the command for stopping the NTA/UBA service	IMC server
TCP 9099	JMX listening port for the NTA/UBA service	IMC server
UDP 18801, 18802, 18803	Communication ports between the NTA and UBA	IMC server

prev	up	next
Antivirus software	home	Backing up and restoring the database