IBM DataPower Operations Dashboard v1.0.20.x
A newer version of this product documentation is available.
You are viewing an older version. View latest at IBM DPOD Documentation.
Firewall Requirements for All-in-One
- Amit Munwes
This diagram visualizes the connections between the DPOD All-in-One instance and the other components on the network, and is followed by a table elaborating the firewall rules that need to be defined for DPOD to be able to communicate with the rest of the components.
It is highly recommended to block any traffic that does not comply to the firewall rules listed below.
From | To | Ports (Defaults) | Protocol | Usage |
|---|---|---|---|---|
DPOD Instance | Each DataPower Gateway | 5550 (TCP) | HTTPS | DataPower Gateway administration SOAP management interface. If the SOMA port is different than 5550 - the port should be changed accordingly. |
5554 (TCP) | HTTPS | DataPower Gateway administration REST management interface. If the ROMA port is different than 5554 - the port should be changed accordingly. | ||
DPOD Instance | DPOD Cloud Agent Manager (the k8s cluster) | 443 (TCP) | HTTPS | Receive Cloud Agent configuration and discovered gateways, access the containerized gateways administration management interface. |
30100-30110 (TCP) | Kafka | Get the containerized gateways collected data (Syslog, WS-M payloads, API-Connect Analytics Offload). | ||
DPOD Instance | DNS Server | 53 (TCP and UDP) | DNS | DNS services. Static IP address may be used. |
DPOD Instance | NTP Server | 123 (UDP) | NTP | Time synchronization |
DPOD Instance | Organizational mail server | 25 / 465 / 587 (TCP) | SMTP/S | Send reports/alerts/shares/etc. by email |
DPOD Instance | LDAP | 389 / 636 (TCP) 3268 / 3269 (TCP) | LDAP/S | Authentication & authorization. Can be over SSL. |
NTP Server | DPOD Instance | 123 (UDP) | NTP | Time synchronization |
Each DataPower Gateway | DPOD Instance | 60000-60009 (TCP) | Syslog | Syslog data |
60020-60029 (TCP) | HTTP | WS-M Payloads (optional) | ||
API-Connect Analytics Ingestion Pods | DPOD Instance | 60020-60029 (TCP) | HTTP/S | API-Connect Analytics Offload (optional) |
DPOD Users IPs | DPOD Instance | 443 (TCP) | HTTPS | DPOD's Web Console |
DPOD Server Admins IPs | DPOD Instance | 22 (TCP) | TCP | SSH |
Copyright © 2015 MonTier Software (2015) Ltd.