ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

What are the required network protocol ports needed while implementing network access restrictions when deploying Symantec Virtualization Security Manager (VSM)

book

Article ID: 161550

calendar_today

Updated On:

Products

Control Compliance Suite Virtualization Security Manager

Issue/Introduction

What are the required network protocol ports needed while implementing network access restrictions when deploying Symantec Virtualization Security Manager (VSM)

Resolution

 The following tables list the required network protocol ports needed while implementing network access restrictions when deploying VSM.

  VSM inbound traffic requirements

 

Service Name

 

Protocols

 

Ports

 

Interfaces

 

Comments

 

HTTP

 

TCP

 

80

 

All

 

Including custom HTTP ports referenced in the VSM configuration.

 

HTTPS

 

TCP

 

443

 

All

 

Including custom HTTPS ports referenced in the VSM configuration.

 

Ping

 

ICMP

 

Types 8, 11

 

All

 

 

Route Discovery

 

TCP, UDP

 

179, 2602, 2604

 

All

 

Only required for VSM Router Mode deployments. Route discovery services are disabled by default.

 

SNMP v2c

 

TCP, UDP

 

161

 

Network 1

 

SNMP is disabled by default.

 

SSH

 

TCP

 

22

 

All

 

Including custom SSH ports referenced in the VSM configuration.

 

vCenter Server Forwards

 

TCP, UDP

 

165535

 

All

 

vCenter Server plugins and Windows Server can require additional forwards in this port range.

 

vSphere

 

TCP, UDP

 

902, 903

 

All

 

 

                          VSM outbound traffic requirements

 

Service Name

 

Protocols

 

Ports

 

Interfaces

 

Comments

 

Active Directory

 

TCP, UDP

 

88, 389, 636

 

All

 

Active Directory communications LDAP and LDAPS.

 

DNS

 

TCP, UDP

 

53

 

All

 

 

HTTP

 

TCP

 

80

 

All

 

Including custom HTTP ports referenced in the VSM configuration.

 

HTTPS

 

TCP

 

443

 

All

 

Including custom HTTPS ports referenced in the VSM configuration.

 

Ping

 

ICMP

 

Types 8, 11

 

All

 

 

Route Broadcast

 

TCP, UDP

 

179, 2602, 2604

 

All

 

Only required for VSM Router Mode deployments.

 

SMTP

 

TCP

 

25

 

All

 

Required for sending SNMP alerts.

 

SNMP v2c Trap

 

TCP, UDP

 

162

 

All

 

SNMP alerts are disabled by default.

 

SSH

 

TCP

 

22

 

All

 

Including custom SSH ports referenced in the VSM configuration.

 

Syslog

 

TCP, UDP

 

514, 10514

 

All

 

Including custom Syslog ports referenced in the VSM configuration.

 

vCenter Server Forwards

 

TCP, UDP

 

165535

 

All

 

vCenter Server plugins and Windows Server can require additional forwards in this port range.

 

vSphere

 

TCP, UDP

 

902, 903

 

All