A.05.80 HP Insight Remote Support Advanced and Remote Device Access Security Overview (October 2012)
Protocol Ports Source Destination Function Configurable Optional
CMS
TCP other CAS Target
System
Including
CMS
Customer-specified port and application protocol SSH-
forwarded from HP
Yes Optional
TCP other Customer
Clients
CAS Other access methods for CAS administration Yes Optional
TCP 22 Customer's
SSH Client
Target
System
Including
CMS
SSH Command-line access Yes Optional
Additional Ports for Virtual CAS
Table G.2. Additional Ports for Virtual CAS Connectivity - Firewall/Port Requirements
Protocol Ports Source Destination Function Configurable Optional
TCP 443 Customer's
Web Browser
Virtual CAS HTTPS port for web UI for managing Virtual CAS No Required
UDP 53 Virtual CAS DNS Server Domain Name Service (DNS) - Host name
resolution
No Required
UDP 123 Virtual CAS Network Time Server Network Time Protocol No Recommended
TCP 80 or
web
proxy
port
Virtual CAS onsitecrl.verisign.com
or Web Proxy
HTTP (Unencrypted) Daily fetch of HP Class 2
CA certificate revocation list (CRL)
No Recommended
TCP 80 Virtual CAS onsite- OCSP (Online Certificate Status Protocol) for No Recommended
HP Insight Remote Support Advanced and Remote Device Access (A.05.80)Page 89 of 97
Security Overview
Appendix G: Summary of Network Ports for Remote Device Access