IBM DataPower Operations Dashboard v1.0.20.x
A newer version of this product documentation is available.
You are viewing an older version. View latest at IBM DPOD Documentation.
Firewall Requirements for All-in-One
This diagram shows the connections between the DPOD All-in-One instance and the other components on the network. The table that follows lists the firewall rules that must be defined so that DPOD can communicate with those components.
It is highly recommended to block any traffic that does not comply with the firewall rules listed below.
From | To | Ports (Defaults) | Protocol | Usage |
---|---|---|---|---|
DPOD Instance | Each DataPower Gateway | 5550 (TCP) | HTTPS | DataPower Gateway administration SOAP management interface. If the SOMA port is different from 5550, change the port accordingly. |
DPOD Instance | Each DataPower Gateway | 5554 (TCP) | HTTPS | DataPower Gateway administration REST management interface. If the ROMA port is different from 5554, change the port accordingly. |
DPOD Instance | DPOD Cloud Agent Manager (the k8s cluster) | 443 (TCP) | HTTPS | Receive Cloud Agent configuration and discovered gateways, access the containerized gateways administration management interface. |
DPOD Instance | DPOD Cloud Agent Manager (the k8s cluster) | 30100-30110 (TCP) | Kafka | Get the containerized gateways collected data (Syslog, WS-M payloads, API-Connect Analytics Offload). |
DPOD Instance | DNS Server | 53 (TCP and UDP) | DNS | DNS services. Static IP address may be used. |
DPOD Instance | NTP Server | 123 (UDP) | NTP | Time synchronization |
DPOD Instance | Organizational mail server | 25 / 465 / 587 (TCP) | SMTP/S | Send reports/alerts/shares/etc. by email |
DPOD Instance | LDAP | 389 / 636 (TCP), 3268 / 3269 (TCP) | LDAP/S | Authentication & authorization. Can be over SSL. |
NTP Server | DPOD Instance  | 123 (UDP) | NTP | Time synchronization |
Each DataPower Gateway | DPOD Instance  | 60000-60009 (TCP) | Syslog | Syslog data |
Each DataPower Gateway | DPOD Instance | 60020-60029 (TCP) | HTTP | WS-M Payloads (optional) |
API-Connect Analytics Ingestion Pods | DPOD Instance  | 60020-60029 (TCP) | HTTP/S | API-Connect Analytics Offload (optional) |
DPOD Users IPs | DPOD Instance  | 443 (TCP) | HTTPS | DPOD's Web Console |
DPOD Server Admins IPs | DPOD Instance  | 22 (TCP) | TCP | SSH |
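
Before switching to default-deny, it helps to replay observed connections against the table and see what would be dropped. The following is an added example, not part of the IBM documentation: the addresses, role names and the flow tuple format are constructed assumptions, ports are the table's defaults, and each flow is taken to be a connection initiation keyed on its destination port.

```python
from ipaddress import ip_address, ip_network
# Role -> network. Constructed placeholder addresses; substitute your own.
ROLES = {
    "dpod": "192.0.2.10/32", "gateways": "192.0.2.32/28",
    "k8s": "198.51.100.0/28", "apic": "198.51.100.16/28",
    "dns": "192.0.2.53/32", "ntp": "192.0.2.123/32",
    "mail": "192.0.2.25/32", "ldap": "192.0.2.89/32",
    "users": "10.20.0.0/16", "admins": "10.20.99.0/24",
}
# (from, to, transport, destination port ranges), one entry per table row.
RULES = [
    ("dpod", "gateways", "tcp", [(5550, 5550), (5554, 5554)]),
    ("dpod", "k8s", "tcp", [(443, 443), (30100, 30110)]),
    ("dpod", "dns", "tcp", [(53, 53)]),
    ("dpod", "dns", "udp", [(53, 53)]),
    ("dpod", "ntp", "udp", [(123, 123)]),
    ("dpod", "mail", "tcp", [(25, 25), (465, 465), (587, 587)]),
    ("dpod", "ldap", "tcp", [(389, 389), (636, 636), (3268, 3269)]),
    ("ntp", "dpod", "udp", [(123, 123)]),
    ("gateways", "dpod", "tcp", [(60000, 60009), (60020, 60029)]),
    ("apic", "dpod", "tcp", [(60020, 60029)]),
    ("users", "dpod", "tcp", [(443, 443)]),
    ("admins", "dpod", "tcp", [(22, 22)]),
]

def in_role(addr, role):
    return ip_address(addr) in ip_network(ROLES[role])

def allowed(src, dst, proto, dport):
    return any(p == proto and in_role(src, s) and in_role(dst, d)
               and any(lo <= dport <= hi for lo, hi in ports)
               for s, d, p, ports in RULES)

def audit(flows):
    """Return flows a default-deny policy built from the table would drop."""
    return [f for f in flows if not allowed(*f)]

# Constructed flow records: (source, destination, transport, destination port).
FLOWS = [
    ("192.0.2.33", "192.0.2.10", "tcp", 60003),  # gateway syslog: in table
    ("192.0.2.33", "192.0.2.10", "tcp", 60015),  # falls between the two ranges
    ("10.20.1.7", "192.0.2.10", "tcp", 443),     # user to Web Console: in table
    ("10.20.1.7", "192.0.2.10", "tcp", 22),      # SSH from a non-admin address
    ("10.20.99.4", "192.0.2.10", "tcp", 22),     # SSH from an admin address
    ("192.0.2.10", "192.0.2.123", "tcp", 123),   # NTP over TCP; table says UDP
]

if __name__ == "__main__":
    print(*audit(FLOWS), sep="\n")
```

If SOMA, ROMA or other ports were changed from their defaults, adjust the matching `RULES` entry before running the audit.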
Copyright © 2015 MonTier Software (2015) Ltd.