Firewall Ports
Figure D-15 shows the connection points between the physical components in an Operations Sentinel Secure enterprise environment. It shows the communication paths and the contact port assignments for Operations Sentinel Console applications. If you place a firewall between any of the components, it must be configured to allow communication for the contact port assignments shown in the communication path.
The firewall must allow access to the following ports. All ports listed are TCP unless noted otherwise.
From Operations Sentinel client applications on an Operations Sentinel workstation
  Operations Sentinel Console to a port on a managing Operations Sentinel server: 5102, 5103, 5105, 5106, 5107, 5110, 5111, 8734
  OS 2200 Console View to a port on an Operations Sentinel server that hosts OS 2200 consoles: 5009
  OS 2200 Console Manager to a port on an Operations Sentinel server that hosts OS 2200 consoles: 5009
From Operations Sentinel interfaces to the Operations Sentinel server
  Windows Resource Monitor to a port on a managing Operations Sentinel server: 5107
From an Operations Sentinel server
  Operations Sentinel server logical console multiplexer (VMUX) to a port on an Operations Sentinel server that hosts the OS 2200 consoles: 5009
  Operations Sentinel Universal Connection Interface to a managed MCP system
Definition of Ports
The following illustrations and accompanying definitions describe the individual contact port assignments and how they are used by the Operations Sentinel services and applications.
tls_spo_pcam 5102/tcp
The port where the PCAM service listens for connections from Operations Sentinel Console clients. The clients are the components of the Operations Sentinel services that execute on the Operations Sentinel server.
tls_spo_log 5103/tcp
The port where the SPLOG service listens for connections from various Operations Sentinel components used by Operations Sentinel Logging to receive control information about Operations Sentinel logs.
tls_spo_vbc 5103/udp
A UDP port that receives status from the OS 2200 console and from the VMUX service on the hosting Operations Sentinel server. The firewall must allow the broadcast from the hosting Operations Sentinel server to the managing server.
tls_spo_amux 5104/tcp
The listening port for the AMUX service where it receives connections from the UCI processes that are launched to handle UNIX, Linux, and MCP connections. Similar to spo_pc, the Windows operating system on which the Operations Sentinel server software is running selects the other end of these connections from the user pool of ports. This port is strictly internal to the managing Operations Sentinel server. The firewall does not have to open it.
tls_spo_alert 5105/tcp
The listening port on the Operations Sentinel server for the SPALS service that receives alerts from the Operations Sentinel server components. These include alerts that Operations Sentinel itself raises and alerts raised by event reports a customer built using the Event Services API. In contrast, the Windows Resource Monitor does not use it. The firewall must allow the workstation to connect to the managing Operations Sentinel server using this TCP port. It also must allow any API clients sending AL event reports and any systems using the UNIX/Linux Resource Monitor to connect to the managing Operations Sentinel server using this TCP port.
tls_spo_log2 5106/tcp
The listening port that receives information through LG event reports recorded in the Operations Sentinel logs. The firewall must allow the workstation and the Operations Server to connect to the managing Operations Sentinel server using this TCP port.
tls_spo_universal 5107/tcp
The listening port on the Operations Sentinel server used by the universal event server, SPUES, for the receipt of events from Operations Sentinel components. Operations Sentinel supplies agents for managed systems, and customers can write to the agents using the Event Services API library. The firewall must allow the connection to the managing Operations Sentinel server from any network entity that can send Operations Sentinel events. This includes all managed systems and any other nodes running a user-written Operations Sentinel API client.
tls_spo_vci 5009/tcp
The port where the VCI component running on the Operations Server of a ClearPath Dorado Enterprise System listens for connections from the OS 2200 Console interface VMUX service. This is similar to the spo_pc and spo_mcp defined server (listen) ports on other physical machines where Operations Sentinel components connect. The firewall must allow the connection from the managing Operations Sentinel server and each workstation to the Operations Server.
tls_spo_spud 5110/tcp
The listening port on the Operations Sentinel server that is used by the universal data server, SPUD. Communications on this port are within the Operations Sentinel server. Hence, this port does not affect communications outside the Operations Sentinel server.
tls_spo_spurt 5111/tcp
The listening port on the Operations Sentinel server used by the universal runtime server, SPURT, for the receipt of events from the Operations Sentinel Console (OSC). Since the OSC runs on the workstation, the firewall must allow the connection from the workstation to the managing Operations Sentinel server through this port.
tls_spo_sporegistryservice 8734/tcp
The listening port on the Operations Sentinel server used by the SpoRegistryService to read and write remote registry entries. The firewall must allow the connection from the managing Operations Sentinel server to the workstation and other components of Operations Sentinel through this port.
Note: To host OS 2200 Console on primary and secondary Operations Sentinel servers, both the servers must have the same connection type (secure or non-secure), and not a combination of both.
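The port list and definitions above can be turned into a least-privilege check on a firewall rule set. The following is an added example, not part of the Operations Sentinel documentation or product: the zone names (workstation, managing, hosting, managed), the tuple rule format and the sample rules are assumptions made for illustration.

```python
# Added example: zone names and the (src, dst, proto, port) rule format are assumptions.
# (source zone, destination zone, protocol) -> ports this page says to allow
REQUIRED = {
    ("workstation", "managing", "tcp"): {5102, 5103, 5105, 5106, 5107, 5110, 5111, 8734},
    ("workstation", "hosting", "tcp"): {5009},     # Console View / Console Manager
    ("managing", "hosting", "tcp"): {5009},        # VMUX to VCI
    ("hosting", "managing", "udp"): {5103},        # tls_spo_vbc status broadcast
    ("hosting", "managing", "tcp"): {5106},        # LG event reports
    ("managed", "managing", "tcp"): {5105, 5107},  # alerts and universal events
}
INTERNAL_ONLY_TCP = {5104}  # tls_spo_amux: the firewall does not have to open it

def covers(rule, src, dst, proto, port):
    """True if an allow rule permits the given flow ("any" is a wildcard)."""
    r_src, r_dst, r_proto, r_port = rule
    return (r_src in (src, "any") and r_dst == dst
            and r_proto == proto and r_port in (port, "any"))

def audit(rules):
    """Return (required flows no rule allows, rules broader than the matrix)."""
    missing = sorted(
        (src, dst, proto, port)
        for (src, dst, proto), ports in REQUIRED.items()
        for port in ports
        if not any(covers(r, src, dst, proto, port) for r in rules)
    )
    excess = []
    for rule in rules:
        src, dst, proto, port = rule
        if "any" in (src, port):
            excess.append((rule, "wildcard source or port"))
        elif proto == "tcp" and port in INTERNAL_ONLY_TCP:
            excess.append((rule, "internal-only port"))
        elif port not in REQUIRED.get((src, dst, proto), set()):
            excess.append((rule, "not in the port matrix"))
    return missing, excess

# Constructed sample rule set, not taken from a real firewall
SAMPLE_RULES = [("workstation", "managing", "tcp", p)
                for p in (5102, 5103, 5105, 5106, 5107, 5110, 5111, 8734)]
SAMPLE_RULES += [
    ("workstation", "hosting", "tcp", 5009),
    ("managing", "hosting", "tcp", 5009),
    ("any", "managing", "tcp", 5107),          # source too broad
    ("workstation", "managing", "tcp", 5104),  # AMUX is internal to the server
]

if __name__ == "__main__":
    print(*audit(SAMPLE_RULES), sep="\n")
```

Against the sample rules, the audit reports three required flows that no rule allows and two rules that are broader than the matrix.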