Firewall Settings - Entrust nShield Solo Installation Manual


6.2. Firewall settings

When setting up your firewall, you should ensure that the port settings are compatible
with the HSMs and allow access to the system components you are using. The following
table identifies the ports used by the nShield system components. All listed ports are the
default setting. Other ports may be defined during system configuration, according to
the requirements of your organization.

| Component | Default Port | Use |
|---|---|---|
| Hardserver | 9000 | Internal non-privileged connections from Java applications including KeySafe |
| Hardserver | 9001 | Internal privileged connections from Java applications including KeySafe |
| Hardserver | 9004 | Incoming impath connections from other hardservers, e.g.: from a cooperating client to the remote file system it is configured to access; from a non-attended host machine to an attended host machine when using Remote Operator |
| Remote Administration Service | 9005 | Incoming connections from Remote Administration Clients |
| Audit Logging syslog | 514 | If you plan to use the Audit Logging facility with remote syslog or SIEM applications, you need to allow outgoing connections to the configured UDP port |

If you are using an nShield Edge as a Remote Operator slot for an HSM located
elsewhere, you need to open port 9004. You may restrict the IP addresses to those you
expect to use this port. You can also restrict the IP addresses accepted by the hardserver
in the configuration file. See the User Guide for your module and operating system for
more about configuration files. Similarly if you are setting up the Remote Administration
Service you need to open port 9005.

nShield® Solo and nShield® Solo XC Installation Guide
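
As an added example (not taken from the Entrust guide), the shell functions below generate an nftables ruleset for the default ports listed above, restricting 9004 and 9005 to the source addresses you expect. It assumes TCP for ports 9000 to 9005 and that 9000/9001 are only reached over loopback; the function names and all addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example. Addresses are constructed (RFC 5737 documentation ranges).

# Accept only dotted-quad IPv4 with optional /prefix, so nothing else can be
# spliced into the generated ruleset.
valid_ipv4() {
    printf '%s\n' "$1" |
        grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}(/([0-9]|[12][0-9]|3[0-2]))?$' || return 1
    for octet in $(printf '%s' "${1%%/*}" | tr '.' ' '); do
        [ "$octet" -le 255 ] || return 1
    done
}

# "a,b" -> "{ a, b }" (an nft anonymous set), validating every entry.
nft_set() {
    out=""
    for addr in $(printf '%s' "$1" | tr ',' ' '); do
        valid_ipv4 "$addr" || { echo "invalid address: $addr" >&2; return 1; }
        out="${out:+$out, }$addr"
    done
    [ -n "$out" ] && printf '{ %s }' "$out"
}

# $1 = hosts allowed to reach 9004, $2 = Remote Administration clients (9005),
# $3 = remote syslog/SIEM collector (outgoing UDP 514).
nshield_ruleset() {
    peers=$(nft_set "$1") || return 1
    admins=$(nft_set "$2") || return 1
    valid_ipv4 "$3" || return 1
    cat <<EOF
table inet nshield {
  chain input {
    type filter hook input priority 0; policy accept;
    iif "lo" accept
    ip saddr $peers tcp dport 9004 accept
    ip saddr $admins tcp dport 9005 accept
    # Assumption: 9000/9001 are local-only; drop every other source.
    tcp dport { 9000, 9001, 9004, 9005 } drop
  }
  chain output {
    type filter hook output priority 0; policy accept;
    # Audit logging; required once this host's output policy is drop.
    ip daddr $3 udp dport 514 accept
  }
}
EOF
}

# Print the ruleset for constructed addresses; review it, then load with nft -f.
nshield_ruleset "192.0.2.10,192.0.2.11" "198.51.100.0/28" "203.0.113.5"
```

If you changed any port from its default during system configuration, change the port numbers in the generated rules to match.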


This manual is also suitable for:

nShield Solo XC