Using Sun Management Center With a Firewall

A firewall is a software or hardware device that controls access between networks. The firewall is located where one network connects to another network, for example, at the point where a corporate intranet connects to the global Internet. Due to increased security awareness, many organizations have implemented security policies within their networks using firewall technology. Because the Sun Management Center software uses a distributed architecture model, you must use the es-config to restrict the ports that Sun Management Center uses for firewalls.

The following procedures provide examples of how to use the es-config command to restrict the Sun Management Center firewall port assignments to the port range 6000 to 6150.

To Restrict the Firewall Port Range

1. Log in as root on the Sun Management Center server-layer machine.

2. Locate a range of unused ports.

   See To Determine Whether a Port Is Used.

3. Type /opt/SUNWsymon/sbin/es-config -P 6000:6150.

   ---

   Note –

   The difference between the starting port number and the ending port number must be at least 100.

   ---

   es-config stops all Sun Management Center processes. The port numbers currently assigned to the Sun Management Center components are then displayed. You are then informed that /var/opt/SUNWsymon/cfg/domain-config.x has been updated for the new configuration.

   You are asked whether you want to start the Sun Management Center components.

4. Type y to start the Sun Management Center components, or type n if you do not want to start the components.