Table 1 List of Common Ports Used by STRM Components. Port Direction Reason. components. your SMTP gateway

Similar documents
JSA Common Ports Lists

UPGRADING STRM TO R1 PATCH

STRM Log Manager Administration Guide

Partition Splitting. Release Juniper Secure Analytics. Juniper Networks, Inc.

NSM Plug-In Users Guide

Deploying JSA in an IPV6 Environment

Deploying STRM in an IPV6 Environment

Forwarding Logs Using Tail2Syslog. Release Security Threat Response Manager. Juniper Networks, Inc.

Managing User-Defined QID Map Entries

Setting Up an STRM Update Server

Network and Security Manager (NSM) Release Notes DMI Schema

Integrating WX WAN Optimization with Netscreen Firewall/VPN

SETTING UP A JSA SERVER

Customizing the Right-Click Menu

STRM Administration Guide

Unless otherwise noted, all references to STRM refer to STRM, STRM Log Manager, and STRM Network Anomaly Detection.

Network and Security Manager (NSM) Release Notes DMI Schema

Network Configuration Example

Restore Data. Release Juniper Secure Analytics. Juniper Networks, Inc.

Network and Security Manager (NSM) Release Notes DMI Schema

Log Sources Users Guide

Network and Security Manager (NSM) Release Notes DMI Schema

Network and Security Manager (NSM) Release Notes DMI Schema & NSM Schema

Installing JSA Using a Bootable USB Flash Drive

RSA NetWitness Logs. Juniper Networks NetScreen ScreenOS Last Modified: Wednesday, November 8, Event Source Log Configuration Guide

Network and Security Manager (NSM) Release Notes DMI Schema & NSM Schema

Network and Security Manager (NSM) Release Notes DMI Schema & NSM Schema

Network Configuration Example

Reference Data Collections

Technical Configuration Example

Network Configuration Example

Reconfigure Offboard Storage During a JSA Upgrade

Upgrading STRM to

High Availability Guide

MsActivator (VSOC 8.2) Administration Guide

J-Care Agility Services Advanced Options

Cluster Upgrade. SRX Series Services Gateways for the Branch Upgrade Junos OS with Minimal Traffic Disruption and a Single Command APPLICATION NOTE

NSM Plug-In Users Guide

WinCollect User Guide

VMWARE VIEW WITH JUNIPER NETWORKS SA SERIES SSL VPN APPLIANCES

UDP Director Virtual Edition Installation and Configuration Guide (for Stealthwatch System v6.9.0)

CounterACT 7.0. Quick Installation Guide for a Single Virtual CounterACT Appliance

Cisco ISE Ports Reference

Cisco ISE Ports Reference

NSM Plug-In Users Guide

QUICKSTART GUIDE FOR BRANCH SRX SERIES SERVICES GATEWAYS

Cisco ISE Ports Reference

Cisco ISE Ports Reference

RSA NetWitness Logs. F5 Big-IP Access Policy Manager. Event Source Log Configuration Guide. Last Modified: Friday, May 12, 2017

Administration of Symantec Cyber Security Services (July 2015) Sample Exam

Network Configuration Example

UDP Director Virtual Edition

STRM Adaptive Log Exporter

Juniper Secure Analytics

Intrusion Detection and Prevention Release Notes

Release Notes Patch 1

Patch Release Notes. Release Juniper Secure Analytics. Juniper Networks, Inc.

STRM Series to JSA Series

Network Configuration Example

JUNOS SCOPE SOFTWARE IP SERVICE MANAGER

MITEL PERFORMANCE ANALYTICS

Introduction to IGMP for IPTV Networks

Release Notes. Juniper Secure Analytics. Juniper Networks, Inc North Mathilda Avenue Sunnyvale, CA USA

Method of Procedure for HNB Gateway Configuration on Redundant Serving Nodes

JUNIPER NETWORKS PRODUCT BULLETIN

STRM Getting Started Guide. Release Security Threat Response Manager. Juniper Networks, Inc.

RSA NetWitness Logs. Imperva SecureSphere. Event Source Log Configuration Guide. Last Modified: Monday, May 22, 2017

Juniper Secure Analytics Patch Release Notes

Deploying the BIG-IP LTM with IBM QRadar Logging

RSA NetWitness Logs. F5 Big-IP Application Security Manager. Event Source Log Configuration Guide. Last Modified: Friday, May 12, 2017

RSA NetWitness Logs. Juniper Networks NetScreen Firewall Last Modified: Monday, October 9, Event Source Log Configuration Guide

RSA NetWitness Logs. EMC Data Domain. Event Source Log Configuration Guide

Network Configuration Example

TECHNICAL WHITE PAPER. Avaya SIP Enablement Services (SIP) 3.0 / Ports and Protocols

RSA NetWitness Logs. DenyAll Web Application Firewall. Event Source Log Configuration Guide. Last Modified: Thursday, November 2, 2017

Juniper Secure Analytics

Technology Overview. Retrieving VLAN Information Using SNMP on an EX Series Ethernet Switch. Published:

RSA NetWitness Logs. Cisco Adaptive Security Appliance Last Modified: Wednesday, November 8, Event Source Log Configuration Guide

Wireless LAN. SmartPass Quick Start Guide. Release 9.0. Published: Copyright 2013, Juniper Networks, Inc.

MITEL PERFORMANCE ANALYTICS

Juniper Secure Analytics Patch Release Notes

Adaptive Log Exporter Users Guide

EMC Symmetrix VMAX Cloud Edition

Juniper Networks Certification Program

Juniper Secure Analytics Virtual Appliance Installation Guide

Junos OS Multiple Instances for Label Distribution Protocol Feature Guide Release 11.4 Published: Copyright 2011, Juniper Networks, Inc.

Deploying VMware Identity Manager in the DMZ. JULY 2018 VMware Identity Manager 3.2

Syncplicity Panorama with Isilon Storage. Technote

Network Configuration Example

Avaya Port Matrix: Avaya Diagnostic Server 3.0

VMware vrealize Log Insight Getting Started Guide

Network Configuration Example

Oracle Hospitality Simphony Cloud Services Post-Installation or Upgrade Guide Release 2.10 E July 2018

Stealthwatch Flow Sensor Virtual Edition Installation and Configuration Guide (for Stealthwatch System v6.9.0)

vrealize Operations Management Pack for NSX for vsphere 3.5 Release Notes

Port Forwarding Setup (RTA1025W)

Secure Remote Access with Comprehensive Client Certificate Management

Certification Graphics Usage

M1000, M2000, M3000. eprism Installation Guide

IP Communications Required by the Cisco TelePresence Exchange System

Transcription:

TECHNICAL NOTE OPEN PORTS USED BY STRM November 2010 This document provides information about the ports used by and between STRM components. Table 1 lists the common ports used by STRM components, identifies the signaling direction for that port, and provides the reason for using the port. Note: The ports listed in this document are valid only when iptables is enabled on your STRM system. Table 1 List of Common Ports Used by STRM Components TCP 22 - SSH TCP 25 - SMTP UDP/TCP 37 - Rdate (time) STRM to all other components From all managed hosts to your SMTP gateway All systems to the STRM STRM to the NTP or RDATE server Remote management access Adding a remote system as a managed host Retrieving log files End-user desktops to the STRM High Availability (HA) E-mail to an SMTP gateway Error/warning e-mail messages to an administrative e-mail contact To keep time synchronized, especially on QFlow Collectors Release 2010.0 TN30082010-A

2 Table 1 List of Common Ports Used by STRM Components (continued) TCP 80 - Apache/https End users to the STRM End users to the STRM Deployment Editor TCP 443 - Apache/https STRM managed hosts connecting to the STRM End users connecting to the STRM UDP 514 - Syslog TCP 5432 - Postgres TCP 10000 - Remote Server management (Web-Based System Administration Interface) TCP 7676, 7677 - Messaging connections (imq) TCP 32000-33999 - Data flow (flows, events, flow context) UDP 2055, 9995 TCP 135 - DCOM External log sources to STRM Event Collectors From all remote managed hosts running Event Collector/Event Processor to the STRM End-user desktop to all STRM hosts All STRM managed hosts to the STRM The STRM to all STRM managed hosts Bi-directional between STRM components From the management interface on the flow source (typically a router) to the QFlow Collector Port 135 and the DCOM port range must be accessible on the target Microsoft Windows host. DCOM typically uses a range of random ports can be configured to use a specific range. For more information, see your Microsoft Windows documentation. Admin interface downloads from the STRM to end-user desktops Deployment editor component downloads from the STRM to end-user desktops Configuration downloads to STRM managed hosts from the STRM Access to the STRM user interface for end users Event data feeds from STRM components When provisioning managed hosts using the Admin interface. Server changes, such as root password and firewalls Configuration data changes are sent back and forth between the STRM and managed hosts Data flows, such as events, flows, flow context, and event search queries NetFlow datagram from components, such as routers Any firewall between STRM and the target Microsoft Windows host must be configured to allow DCOM communication. Release 2010.0 TN30082010-A

3 Table 1 List of Common Ports Used by STRM Components (continued) TCP/UDP 6543 Bi-directional between the Heartbeat ping from a secondary host to a cluster to detect hardware or network failure. TCP/UDP 7789 ICMP TCP/UDP 7800 TCP/UDP 7802 Bi-directional between the Bi-directional between the From the Event Collector to the From the Event Collector to the Testing the network connection between the secondary host and cluster using Distributed Replicated Block Device (DRBD) Testing the network connection between the secondary host and cluster using Internet Control Message Protocol (ICMP) Real-time (streaming) for events and flows Real-time (streaming) for events and flows All the ports listed in Table 1 can be tunneled, by encryption, through port 22 over SSH. TN30082010-A Release 2010.0

Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408-745-2000 www.juniper.net Copyright Notice Copyright 2010 Juniper Networks, Inc. All rights reserved. Juniper Networks and the Juniper Networks logo are registered trademarks of Juniper Networks Inc. in the United States and other countries. All other trademarks, service marks, registered trademarks, or registered service marks in this document are the property of Juniper Networks or their respective owners. All specifications are subject to change without notice. Juniper Networks assumes no responsibility for any inaccuracies in this document or for any obligation to update information in this document. Juniper Networks reserves the right to change, modify, transfer, or otherwise revise this publication without notice.

TN30082010-A Release 2010.0 5

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback