SevOne NMS Port Number Requirements Guide

23 November 2021
Version 1.29
 SevOne NMS Port Number Requirements Guide

Table of Contents
1 Introduction 2
2 Peer Port Assignments 3
2.1 Minimum Ports Required for NMS Cluster Operation 3
2.2 Additional Ports for Hot Standby Appliance (HSA) Deployment 6
2.3 Required Ports for NMS Data Collection 7
2.4 Required Ports for Remote Management 8
2.5 Other Product Integration 9
 
 SevOne NMS Port Number Requirements Guide
SevOne Documentation
All documentation is available from the SevOne Support customer portal.
Copyright © 2018-2021 SevOne Inc., a Turbonomic Company. All rights reserved worldwide.
All right, title, and interest in and to the software and documentation are and shall remain the exclusive property of SevOne and its
respective licensors. No part of this document may be reproduced by any means nor modified, decompiled, disassembled, published
or distributed, in whole or in part, or translated to any electronic medium or other means without the written consent of SevOne.
In no event shall SevOne, its suppliers, nor its licensors be liable for any damages, whether arising in tort, contract, or any other legal
theory even if SevOne has been advised of the possibility of such damages, and SevOne disclaims all warranties, conditions, or other
terms, express or implied, statutory or otherwise, on software and documentation furnished hereunder including without limitation
the warranties of design, merchantability, or fitness for a particular purpose, and non-infringement.
All SevOne marks identified or used on the SevOne website, as updated by SevOne from time to time, may be, or are, registered with
the U.S. Patent and Trademark Office and may be registered or pending registration in other countries. All other trademarks or
registered trademarks contained and/or mentioned herein are used for identification purposes only and may be trademarks or
registered trademarks of their respective companies.

1
 SevOne NMS Port Number Requirements Guide

1 Introduction
SevOne peers communicate with each other to maintain a consistent environment. Each peer needs the following ports open
between each other.

 Encryption
Most ports use TLS as the encryption technology which can be negotiated based on the client and server configuration.
Same is true for SSH. For some ports, the exact encryption method cannot be guaranteed. For example, SSL port 443 is
based on the client's browser.

 If you are on SevOne NMS release prior to 5.7.2.28 and have Virtual IP configured on the NMS Peer(s), you will need to have
exactly the same ports open for the Virtual IP to communicate with the Cluster Master as the inter-process NMS
communication happens over the Virtual IP. Ports must be open on your network to allow the Virtual IP to communicate
with the Cluster Master's Base IP addresses.

2
 SevOne NMS Port Number Requirements Guide

2 Peer Port Assignments

2.1 Minimum Ports Required for NMS Cluster Operation

The minimum port requirement is a list of ports required by PAS and/or Between Peers.

 The port configured for communication with the WMI proxy must be opened in the firewall.

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

ICMP (*) N n/a -> PAS Interpeer Monitoring

-> DNC
ICMP from and to devices and Interpeer
-> PLA
Monitoring
-> HSA
<-> Between Peers

TCP 22 (*) Y SSH-based -> PAS SSH Access - remote login

encryption - can -> DNC
Required for SevOne Data Insight to update or
be configured by -> PLA
Install SOA
an admin user. -> HSA
<-> Between Peers
-> iDRAC
-> Data Insight

TCP 43 N n/a Any peer for out- Used for Autonomous System (AS) name
going connections, resolution in FlowFalcon reports.
two-way traffic
(Optional) This port is used only when user
needs to resolve AS numbers to names.

TCP 80 N n/a -> PAS HTTP, SOAP API, and AJAX Calls - End User
-> DNC Terminal
-> PLA
UI port for Data Insight - Can be configured
-> HSA
using environment variables. Data Insight uses
<-> Between Peers
port 80 to redirect any HTTP (80) requests to
-> Data Insight
HTTPS (443)

TCP 389 N n/a PAS -> LDAP (Clear text) Server port (not used for
secure configurations)

TCP 443 (*) Y TLS-based -> PAS For Livemaps in REST API, the Cluster Master
encryption - can -> DNC and Peer use HTTPS on port 443. If the
be configured by -> HSA connection is unavailable, it falls back and uses
an admin user. <-> Between Peers HTTP on port 80.

TCP 636 Y TLS-based PAS -> LDAP (SSL) Server port

encryption.

TCP 873 N n/a <-> Between Peers RSYNC - Interpeer

TCP 3306 (*) Y TLS-based <-> Between Peers MySQL - Interpeer

encryption.

3
 SevOne NMS Port Number Requirements Guide

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

TCP 3307 (*) Y TLS-based <-> Between Peers MySQL2 - Interpeer

encryption.

TCP 4443 N n/a Local within one Alerting - Interpeer

appliance

 • Not used post-5.7.2.3.

• Post-5.7.2.17, port is open
only to local (127.0.0.1)
connections.
• Only used internally and not
across peers.

TCP 5050 N n/a Local within one SevOne-masterslaved - Interpeer

appliance

 • Not used post-5.7.2.6.

• Post-5.7.2.23, port is open
only to local (127.0.0.1)
connections.
• Only used internally and not
across peers.

TCP 5051 N n/a -> Export Raw Data Export - SevOne Raw Data Feed
Destination (optional for customer streaming data)

TCP 5162 N n/a <-> Between Peers Read data stored in JSON format, from SevOne
Data Insight to SevOne NMS (Cluster Master)

TCP 8080 N n/a <-> Between Peers REST API version 1.x (SevOne version 5.6.0)

TCP 8081 Y TLS-based -> PAS Apache HTTP (only in versions 5.7 -> 5.7.1.6) -
encryption. -> DNC End User Terminal

TCP 8082 N n/a -> PAS SevOne Data Bus status page (optional /
configured) on by default

TCP 8123 n/a n/a <-> Between Peers Squid (5.7.2), Polipo (5.7.1), Interpeer Proxy
VMware vCenter

TCP 8443 Y TLS-based -> PAS Secure port for SevOne Data Bus status page
encryption - can (optional / configured) off by default
be configured by
an admin user.

TCP 9092 (*) Y TLS-based  <-> Between Peers Apache Kafka

encryption.

TCP, UDP 9094 (*) N n/a -> Cluster Master & Prometheus Clustering:
HSA <-> Peers For Alertmanager high availability clustering

4
 SevOne NMS Port Number Requirements Guide

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

 Peers connect to the Cluster Master's

port 9094 to report alerts and outages
as part of Prometheus. This port must
be open to other peers in the cluster.

TCP 9443 Y TLS-based Web Browser <-> Port is required for Self Service Upgrades.
encryption Cluster Master

 For Self Service Upgrades, the

Graphical User Interface installer
binds the Cluster Master to TCP 9443
and runs a service (that the user
connects to) through the browser
using HTTPS. If the Graphical User
Interface installer is required, this port
must be exposed.

TCP 9999 N n/a -> PAS SevOne Data Bus to provide host IP address and
port number for JMX server (for debug)
configurable, off by default

TCP 60005 Y TLS-based <-> Between Peers Reserved - Interpeer

encryption.

 Not used post-5.3.x.

TCP 60007 (*) Y ZMQ Curve-based <-> Between Peers SevOne-requestd Reserved - Interpeer
encryption.

TCP 60008 n/a n/a <-> Between Peers Reserved - Interpeer

 Not used post-5.3.x

TCP 60009 n/a n/a <-> Between Peers Reserved - Interpeer

 Not used post-5.3.x

UDP 123 N n/a -> PAS NTP Interpeer Time Sync

-> DNC
NTP - Interpeer and to NTP time source
-> PLA
-> HSA
<-> Between Peers

5
 SevOne NMS Port Number Requirements Guide

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

UDP 161 N n/a PAS -> SNMP Interpeer Monitoring

DNC ->
SNMP - to Devices and Interpeer
-> PLA
HSA ->
<-> Between Peers

UDP 162 N n/a -> PAS SNMP Trap Interpeer Monitoring and from
-> HSA Devices (optional)
-> PLA
<-> Between Peers

UDP, TCP 514 (**) N n/a PAS -> Syslog

-> PLA
<-> Between Peers

UDP 6831 N n/a -> PAS (Optional) This port is for Tracing. This feature is
for Internal Use Only for the Support Team to
use for troubleshooting. Port UDP 6831 is a
compact-thrift protocol.

UDP 6832 N n/a -> PAS (Optional) This port is for Tracing. This feature is
for Internal Use Only for the Support Team to
use for troubleshooting. Port UDP 6832 is a
binary-thrift protocol.

HTTP 16686 (***) N n/a -> PAS (Optional) This port is for Tracing. This feature is
for Internal Use Only for the Support Team to
use for troubleshooting. Port HTTP 16636 is to
serve the frontend.
(*) denotes that these ports are a must and absolutely required.
(**) denotes that Syslog is configurable.
(***) denotes that it is recommended to open the port when using Graphical User Interface from the web browser.

2.2 Additional Ports for Hot Standby Appliance (HSA) Deployment

The list below is for additional ports required for Hot Standby Appliance.

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

ICMP (*) N n/a -> PAS Interpeer Monitoring

-> DNC
ICMP from and to devices and Interpeer
-> PLA
Monitoring
-> HSA
<-> Between Peers

TCP 22 (*) Y SSH-based -> PAS SSH Access - remote login

encryption - can be -> DNC
configured by -> PLA
an admin user. -> HSA
<-> Between Peers
-> iDRAC

6
 SevOne NMS Port Number Requirements Guide

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

TCP 25 N n/a PAS -> SMTP - to Mail server

PLA ->
HSA ->

TCP 80 N n/a -> PAS HTTP, SOAP API, and AJAX Calls - End User
-> DNC Terminal
-> PLA
UI port for Data Insight - Can be configured
-> HSA
using environment variables. Data Insight
<-> Between Peers
uses port 80 to redirect any HTTP (80)
-> Data Insight
requests to HTTPS (443)

TCP 443 (*) Y TLS-based -> PAS HTTPS - End User Terminal
encryption - can be -> DNC
UI port for Data Insight - Can be configured
configured by -> PLA
using environment variables. Data Insight
an admin user. -> HSA
uses port 80 to redirect any HTTP (80)
<-> Between Peers
requests to HTTPS (443)
-> iDRAC
-> Data Insight

UDP 123 N n/a -> PAS NTP Interpeer Time Sync

-> DNC
NTP - Interpeer and to NTP time source
-> PLA
-> HSA
<-> Between Peers

UDP 161 N n/a PAS -> SNMP Interpeer Monitoring

DNC ->
SNMP - to Devices and Interpeer
-> PLA
HSA ->
<-> Between Peers

UDP 162 N n/a -> PAS SNMP Trap Interpeer Monitoring and from
-> HSA Devices (optional)
-> PLA
<-> Between Peers

UDP, TCP 53 N n/a -> PAS DNS

-> DNC
-> PLA
-> HSA

(*) denotes that these ports are a must and absolutely required.

2.3 Required Ports for NMS Data Collection

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

UDP 161 N n/a PAS -> SNMP Interpeer Monitoring

DNC ->
SNMP - to Devices and Interpeer
-> PLA

7
 SevOne NMS Port Number Requirements Guide

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

HSA ->
<-> Between Peers

UDP 162 N n/a -> PAS SNMP Trap Interpeer Monitoring and from
-> HSA Devices (optional)
-> PLA
<-> Between Peers

2.4 Required Ports for Remote Management

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

TCP 22 (*) Y SSH-based -> PAS SSH Access - remote login

encryption - can -> DNC
be configured by -> PLA
an admin user. -> HSA
<-> Between Peers
-> iDRAC

TCP 443 (*) Y TLS-based -> PAS HTTPS - End User Terminal
encryption - can -> DNC
UI port for Data Insight - Can be configured
be configured by -> PLA
using environment variables. Data Insight uses
an admin user. -> HSA
port 80 to redirect any HTTP (80) requests to
<-> Between Peers
HTTPS (443)
-> iDRAC
-> Data Insight prometheus - for main data collection service
(only runs on the Cluster Master and its HSA) -
uses port 80 (for HTTP protocol) and 443 (for
HTTPS protocol).
alertmanager - for main alerting service (only
runs on the Cluster Master and its HSA) - uses
port 80 (for HTTP protocol) and 443 (for HTTPS
protocol).

UDP, TCP 5900 Y 128-bit SSL -> iDRAC iDRAC Virtual console Keyboard and Mouse
encryption. For connection
additional details,
please refer to
https://
www.dell.com/
support/article/
en-us/sln306877/
dell-poweredge-
how-to-configure-
the-idrac9-and-
the-lifecycle-
controller-
network-ip?
lang=en#ports

UDP, TCP 5901 Y 128-bit SSL -> iDRAC iDRAC Virtual console Video connection
encryption. For
additional details,

8
 SevOne NMS Port Number Requirements Guide

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

please refer to
https://
www.dell.com/
support/article/
en-us/sln306877/
dell-poweredge-
how-to-configure-
the-idrac9-and-
the-lifecycle-
controller-
network-ip?
lang=en#ports
(*) denotes that these ports are a must and absolutely required.

2.5 Other Product Integration

2.5.1 SevOne Data Insight (SDI) Deployment

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

TCP 22 (*) Y SSH-based -> PAS Required for SevOne Data Insight to update or
encryption - can -> Data Insight Install SOA
be configured by
an admin user.

TCP 80 N n/a -> PAS HTTP, SOAP API, and AJAX Calls - End User
-> DNC Terminal
-> PLA
UI port for Data Insight - Can be configured
-> HSA
using environment variables. Data Insight uses
<-> Between Peers
port 80 to redirect any HTTP (80) requests to
-> Data Insight
HTTPS (443)

TCP 443 (*) Y TLS-based -> PAS HTTPS - End User Terminal
encryption - can -> DNC
UI port for Data Insight - Can be configured
be configured by -> PLA
using environment variables. Data Insight uses
an admin user. -> HSA
port 80 to redirect any HTTP (80) requests to
<-> Between Peers
HTTPS (443)
-> iDRAC
-> Data Insight

TCP 2379 - 2380 (*) N n/a -> Data Insight Required only for HA with embedded etcd
Source: K3s server nodes

TCP 3000 (**) N n/a -> Data Insight Required for the Graphical User Interface
Installer.

TCP 3001 (**) N n/a -> Data Insight Required for the Graphical User Interface
Installer.

TCP / UDP 5052 Y TLS-based -> NMS DSPlugin (Data Insight access for its NMS data
encryption - can -> Data Insight source peer)
be configured by
(only required for Data Insight version <= 1.6.0)

9
 SevOne NMS Port Number Requirements Guide

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

an admin user.

TCP 6443 (*) N n/a -> Data Insight Kuberbetes API Server
Source: K3s agent nodes

TCP 8100 N n/a -> Data Insight SDI stacker service (Web Server)
(only required for Data Insight version <= 1.6.0)

TCP 8101 N n/a -> Data Insight SDI stacker service (Web Socket)
(only required for Data Insight version <= 1.6.0)

TCP 10250 (*) N n/a -> Data Insight Kubelet metrics

Source: K3s server and agent nodes

UDP 6831 N n/a -> PAS (Optional) This port is for Tracing. This feature is
for Internal Use Only for the Support Team to
use for troubleshooting. Port UDP 6831 is a
compact-thrift protocol.

UDP 6832 N n/a -> PAS (Optional) This port is for Tracing. This feature is
for Internal Use Only for the Support Team to
use for troubleshooting. Port UDP 6832 is a
binary-thrift protocol.

UDP 8472 N n/a -> Data Insight Required only for Flannel VXLAN
Source: K3s server and agent nodes

 The nodes need to be able to reach

other nodes over UDP port 8472
when Flannel VXLAN is used. The
node should not listen on any other
port. K3s uses reverse tunneling such
that the nodes make outbound
connections to the server and all
kubelet traffic runs through that
tunnel. However, if you do not use
Flannel and provide your own
custom CNI, then port 8472 is not
needed by K3s.

 IMPORTANT
The VXLAN port on nodes should not
be exposed to the world as it opens
up your cluster network to be

10
 SevOne NMS Port Number Requirements Guide

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

accessed by anyone. Run your nodes
behind a firewall/security group that
disables access to port 8472.

HTTP 16686 (**) N n/a -> PAS (Optional) This port is for Tracing. This feature is
for Internal Use Only for the Support Team to
use for troubleshooting. Port HTTP 16636 is to
serve the frontend.
(*) denotes that these ports are a must and absolutely required.
(**) denotes that it is recommended to open the port when using Graphical User Interface from the web browser.

2.5.2 SevOne Data Bus (SDB) Deployment 

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

TCP 8082 N n/a -> PAS SevOne Data Bus status page (optional /
configured) on by default

TCP 8443 Y TLS-based -> PAS Secure port for SevOne Data Bus status page
encryption - can (optional / configured) off by default
be configured by
an admin user.

TCP 9092 (*) Y TLS-based  <-> Between Peers Apache Kafka

encryption.

TCP 9443 (**) Y TLS-based Web Browser <-> Port is required for Self Service Upgrades.
encryption. Cluster Master

 For Self Service Upgrades, the

Graphical User Interface installer
binds the Cluster Master to TCP 9443
and runs a service (that the user
connects to) through the browser
using HTTPS. If the Graphical User
Interface installer is required, this port
must be exposed.

TCP 9999 N n/a -> PAS SevOne Data Bus to provide host IP address and
port number for JMX server (for debug)
configurable, off by default.
(*) denotes that these ports are a must and absolutely required.
(**) denotes that it is recommended to open the port when using Graphical User Interface from the web browser.

2.5.3 Solutions Deployment

The following table provides port number requirements for Cisco SDN, Enterprise WiFi Monitoring, and SD-WAN (Nokia-Nuage, Versa,
and Viptela collectors).

11
 SevOne NMS Port Number Requirements Guide

Solution IP (UDP/TCP)/ICMP Direction Purpose

SDN TCP 80 (HTTP) -> PAS The API config / communication port

TCP 443 (HTTPS) -> PAS The API config / communication port
Required for,
• Collection of ACI fabric performance and
status data
• Collection of site information from a
multi-site controller
• Transfer of collected ACI fabric data to
SevOne NMS PAS for processing and
storage

WiFi TCP 80 -> PAS PAS REST API config / collection port

TCP 443 -> PAS The API config / communication port

TCP 3306 -> PAS MySQL port

SD-WAN Nokia-Nuage TCP 443 (Outbound) -> PAS Address: NMS server; for NMS API port

TCP 5672 (Outbound) -> VSD Address: Nuage AMQP server; for Nuage message
(Controller) queue bus; required for Messaging Service
(ActiveMQ) broker 

TCP 6200 (Outbound) -> Elasticsearch Address: Nuage Elasticsearch server; for Nuage
(Controller) statistics (for internal lab only)

TCP 8443 (Outbound) -> PAS Address: Nuage VSD server; for Nuage API

TCP 9200 -> Elasticsearch Address: Nuage Elasticsearch server; for Nuage
(Controller) statistics

TCP 9996 (Outbound) Collector Nodes Address: NMS DNC server; for Flow Augmentor
-> DNC output; required for DNC where the flows are
being sent

Versa TCP 443 (Outbound) -> PAS Address: NMS server; for NMS API port

TCP 3000 (*) -> Collector Required for the Graphical User Interface
Master Installer

TCP 3001 (*) -> Collector Required for the API

Master 

TCP 9182 -> vDirector API port number of targeted vDirector

TCP 9992 (Inbound) -> Collector Flow syslogs from Versa devices
Nodes

TCP 9996(Outbound) Collector Nodes Address: NMS DNC server; for Flow Augmentor
-> DNC output; required for DNC where the flows are
being sent

12
 SevOne NMS Port Number Requirements Guide

Solution IP (UDP/TCP)/ICMP Direction Purpose

TCP 50001 (Inbound) -> Collector Versa Syslogs from Versa Analytics server (The
Nodes port on which the collector listens for non-flow
syslog data sent by Versa Analytics); required for
the log exporter to send UDP data to collector
and Syslog data in kvp format 

Viptela TCP 443 (Outbound) -> vManage Address: vManage server; for Viptela vManage
API
Address: NMS server; for NMS API port

TCP 3000 (*) -> Collector Required for the Graphical User Interface
Master Installer

TCP 3001 (*) -> Collector Required for the API

Master

TCP 9995 (Inbound) -> Collector Flow Augmentor input (The port on which Flow
Nodes Augmentor listens for inbound flows. The port
number can range from 9000 - 33000)

TCP 9996 (Outbound) Collector Nodes Address: NMS DNC server; for Flow Augmentor
-> DNC output; required for DNC where the flows are
being sent
(*) denotes that it is recommended to open the port when using Graphical User Interface from the web browser.

2.5.4 SevOne Performance Logging Appliance (PLA) Deployment

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

ICMP (*) N n/a -> PAS Interpeer Monitoring

-> DNC
ICMP from and to devices and Interpeer
-> PLA
Monitoring
-> HSA
<-> Between Peers

TCP 22 (*) Y SSH-based -> PAS SSH Access - remote login

encryption - can -> DNC
be configured by -> PLA
an admin user. -> HSA
<-> Between Peers
-> iDRAC

TCP 25 N n/a PAS -> SMTP - to Mail server

PLA ->
HSA ->

TCP 80 N n/a -> PAS HTTP, SOAP API, and AJAX Calls - End User
-> DNC Terminal
-> PLA
UI port for Data Insight - Can be configured
-> HSA
using environment variables. Data Insight
<-> Between Peers
uses port 80 to redirect any HTTP (80)
-> Data Insight
requests to HTTPS (443)

13
 SevOne NMS Port Number Requirements Guide

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

TCP 443 (*) Y TLS-based -> PAS HTTPS - End User Terminal
encryption - can -> DNC
UI port for Data Insight - Can be configured
be configured by -> PLA
using environment variables. Data Insight
an admin user. -> HSA
uses port 80 to redirect any HTTP (80)
<-> Between Peers
requests to HTTPS (443)
-> iDRAC
-> Data Insight

UDP 123 N n/a -> PAS NTP Interpeer Time Sync

-> DNC
NTP - Interpeer and to NTP time source
-> PLA
-> HSA
<-> Between Peers

UDP 161 N n/a PAS -> SNMP Interpeer Monitoring

DNC ->
SNMP - to Devices and Interpeer
-> PLA
HSA ->
<-> Between Peers

UDP 162 N n/a -> PAS SNMP Trap Interpeer Monitoring and from
-> HSA Devices (optional)
-> PLA
<-> Between Peers

UDP 6343 N n/a -> DNC sFlow and Sampled Flow Data to DNC

UDP 9996 N n/a -> DNC Netflow data to DNC

UDP, TCP 53 N n/a -> PAS DNS

-> DNC
-> PLA
-> HSA

UDP, TCP 514 (**) N n/a PAS -> Syslog (** configurable)
-> PLA
<-> Between Peers

(*) denotes that these ports are a must and absolutely required.
(**) denotes that Syslog is configurable.

2.5.5 SevOne Distributed Netflow Connector (DNC) Deployment

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

ICMP (*) N n/a -> PAS Interpeer Monitoring

-> DNC
ICMP from and to devices and Interpeer
-> PLA
Monitoring
-> HSA
<-> Between Peers

14
 SevOne NMS Port Number Requirements Guide

IP (UDP/TCP)/ICMP Encrypted Encryption Type Direction Purpose

TCP 22 (*) Y SSH-based -> PAS SSH Access - remote login

encryption - can -> DNC
be configured by -> PLA
an admin user. -> HSA
<-> Between Peers
-> iDRAC

TCP 80 N n/a -> PAS HTTP, SOAP API, and AJAX Calls - End User
-> DNC Terminal
-> PLA
UI port for Data Insight - Can be configured
-> HSA
using environment variables. Data Insight
<-> Between Peers
uses port 80 to redirect any HTTP (80)
-> Data Insight
requests to HTTPS (443)

TCP 443 (*) Y TLS-based -> PAS HTTPS - End User Terminal
encryption - can -> DNC
UI port for Data Insight - Can be configured
be configured by -> PLA
using environment variables. Data Insight
an admin user. -> HSA
uses port 80 to redirect any HTTP (80)
<-> Between Peers
requests to HTTPS (443)
-> iDRAC
-> Data Insight

TCP 8081 Y TLS-based -> PAS Apache HTTP (only in versions 5.7 -> 5.7.1.6) -
encryption. -> DNC End User Terminal

UDP 123 N n/a -> PAS NTP Interpeer Time Sync

-> DNC
NTP - Interpeer and to NTP time source
-> PLA
-> HSA
<-> Between Peers

UDP 161 N n/a PAS -> SNMP Interpeer Monitoring

DNC ->
SNMP - to Devices and Interpeer
-> PLA
HSA ->
<-> Between Peers

UDP 6343 N n/a -> DNC sFlow and Sampled Flow Data to DNC
(configurable/optional)

UDP 9996 N n/a -> DNC Netflow data to DNC (configurable)

UDP, TCP 53 N n/a -> PAS DNS

-> DNC
-> PLA
-> HSA

(*) denotes that these ports are a must and absolutely required.

15