Filter
Top Products
313
This appendix contains network requirements, including addresses,
protocols, and ports, of a typical CC-SG deployment. It includes
information about how to configure your network for both external access
and internal security and routing policy enforcement. Details are provided
for the benefit of a TCP/IP network administrator. The TCP/IP
administrator's role and responsibilities may extend beyond that of a CC-
SG administrator. This appendix will assist the administrator in
incorporating CC-SG and its components into a site's security access
and routing policies.
The tables contain the protocols and ports that are needed by CC-SG
and its associated components.
In This Chapter
Required Open Ports for CC-SG Networks: Executive Summary.........313
CC-SG Communication Channels
.........................................................314
Required Open Ports for CC-SG Networks: Executive Summary
The following ports should be opened:
Port Number Protocol Purpose Details
80 TCP HTTP Access to CC-SG Not encrypted.
443 TCP HTTPS (SSL) Access to CC-SG
and
Node Access to Dominion KXII-
connected nodes in Direct
Mode
SSL/AES-128/AES-256
encrypted.
8080 TCP CC-SG to PC Client SSL/AES-128/AES-256 encrypted
if configured.
2400 TCP Node Access (Proxy Mode) This port must be opened per
Raritan device that will be
externally accessed. The other
ports in the table must be opened
only for accessing CC-SG.
Encrypted only for Dominion KX II
devices, release 2.1.10 or higher,
if encryption is set in the device
5000 TCP Node Access (Direct Mode) This port must be opened per
Appendix B
CC-SG and Network Configuration