HP 3PAR InForm OS Common Criteria Administrator's Reference (QL226-96586, October 2012)
Operating in Common Criteria Mode 12
4 Operating in Common Criteria Mode
This section provides details on HP 3PAR Storage System evaluated configuration
operation in CC mode.
Common Criteria Mode
Common Criteria “mode” operation differs from standard HP 3PAR Storage System
operation in that in this mode only secure (i.e., encrypted) ports can be used. By default,
the HP 3PAR Storage System provides both secure and unsecure ports for performing
operational activities. As part of the installation, or upgrade, of a CC compliant system,
the installer will take some additional steps to force the disabling, or firewalling, of the
unsecured ports on the system. The table below summarizes the network ports available
and their disposition if the HP 3PAR Storage System is installed to operate using secure
ports only (i.e., the port’s availability when operating in CC mode). Further details are
provided in the sections following the table.
Table 4 Network Port Mapping
Port Type Use
Status in
CC mode
Status in
non-CC
mode
22 TCP Listens for SSH client connection Active Active
123 UDP NTP client-server communication port Active Active
161 UDP
HP 3PAR SNMP agent – off-platform SNMP
manager communication port
Visible but
unresponsive
(udp-resposne
only)
Visible/Active
if configured
427 UDP CIM Service Location Protocol (SLP) discovery port
Visible but
unresponsive
(udp-resposne
only)
Visible/Active
if enabled
2540 TCP Unsecured CLI/IMC port (old)
Not visible
(firewalled at
installation)
Visible/Active
if enabled
2550 TCP Secured (SSL) CLI/IMC port (old)
Visible but
closed
Visible/Active
if enabled
5001 TCP TCP diagnostics – factory use only
Visible but
closed
Visible but
closed