Oracle ZFS Storage Appliance Security Overview
Minimum Needed Ports:
To secure the appliance on a network, you can place it behind a firewall. Firewall rules are built from port numbers, which uniquely identify a transaction over a network by specifying the host and the service.
The following list shows the minimum ports that must be allowed through the firewall:
Inbound Ports
icmp/0-65535 (PING)
tcp/1920 (EM)
tcp/215 (BUI)
tcp/22 (SSH)
udp/161 (SNMP)
Additional inbound ports if HTTP file sharing is used (typically it is not)
tcp/443 (SSL WEB)
tcp/80 (WEB)
Outbound Ports
tcp/80 (WEB)
Note: For replication, use Generic Routing Encapsulation (GRE) tunnels where possible. This lets replication traffic run on the back-end interfaces and avoid the firewall, where it could be slowed. If GRE tunnels are not available on the NFS core, you must run replication over the front-end interface. In this case, port 216 must also be open.
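The following added example (not Oracle code) audits an exported firewall rule list against the minimum port list above and reports required ports that are missing and open ports that fall outside the list. The `direction proto/port` rule format, the function names and the sample rules are assumptions made for illustration; the page gives port 216 without a protocol or direction, so inbound TCP is assumed.

```python
# Added example: compare a firewall rule export with the page's minimum port list.
# The "direction proto/port" line format is hypothetical, not a vendor format.

BASE = {
    ("in", "icmp", None): "PING",
    ("in", "tcp", 1920): "EM",
    ("in", "tcp", 215): "BUI",
    ("in", "tcp", 22): "SSH",
    ("in", "udp", 161): "SNMP",
    ("out", "tcp", 80): "WEB",
}
# Only needed when HTTP file sharing is used (typically it is not).
HTTP_SHARING = {("in", "tcp", 443): "SSL WEB", ("in", "tcp", 80): "WEB"}
# Only needed when replication runs over the front-end interface.
# Assumption: inbound TCP; the page states only the port number.
FRONT_END_REPLICATION = {("in", "tcp", 216): "replication"}

# Constructed sample export: SNMP is missing, tcp/80 and tcp/8080 are extra.
SAMPLE_RULES = """\
# constructed sample, not real appliance output
in icmp/0-65535
in tcp/1920
in tcp/215
in tcp/22
in tcp/80
in tcp/8080
out tcp/80
"""

def parse_rule(line):
    """Parse 'in tcp/22' into ('in', 'tcp', 22); ICMP carries no port."""
    direction, spec = line.split()
    proto, _, port = spec.partition("/")
    proto = proto.lower()
    return direction.lower(), proto, None if proto == "icmp" else int(port)

def audit(rule_lines, http_sharing=False, front_end_replication=False):
    """Return (missing, unexpected) rule sets relative to the minimum list."""
    allowed = dict(BASE)
    if http_sharing:
        allowed.update(HTTP_SHARING)
    if front_end_replication:
        allowed.update(FRONT_END_REPLICATION)
    seen = {parse_rule(l) for l in rule_lines
            if l.strip() and not l.lstrip().startswith("#")}
    return set(allowed) - seen, seen - set(allowed)

if __name__ == "__main__":
    missing, unexpected = audit(SAMPLE_RULES.splitlines())
    print("missing:", sorted(missing), "unexpected:", sorted(unexpected))
```

Set `http_sharing` or `front_end_replication` to `True` only when the corresponding feature is actually in use, so that the conditional ports are flagged as unexpected everywhere else.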