Ports used by Integrated Cyber Defense Exchange

book

Article ID: 184911

calendar_today

Updated On:

Products

ICDx

Issue/Introduction

Firewall and/or packet shaper currently blocks access to an Symantec Integrated Cyber Defense Exchange (ICDx) appliance.

Environment

ICDx version 1.3.1 or later

Resolution

If a firewall is enabled, ICDx must have access to the following ports:

Note:

If you are installing on Red Hat Enterprise Linux, the installer automatically runs the pre-install.sh script to open these ports for you.

See Running the ICDx installer.

Table: Ports used by ICDx

Port

Service

Usage

5672

RabbitMQ

Port that the RabbitMQ - AMQP collector, the ICDx sender - AMQP, and the ICDx receiver use.

443 (HTTPS)

NGINX

Port that provides HTTPS web access to ICDx.

80 (HTTP)

NGINX

Port that the -http flag enables. By default, NGINX redirects HTTP traffic to 443 (HTTPS). The installer has the -http flag, which forwards port 80 to 8080 (required for the ICDx senders to work).

5671 (AMQPS)

NGINX

Port that forwards to RabbitMQ port 5672 and is used by the ICDx sender - AMQP, if using SSL.