Insight Remote Support 7.0.9 Security White Paper

ManualsBrandsHP ManualsSoftwareHP Insight Remote Support Next Gen Software

G.2 Additional Ports for Virtual CAS

Table H.2 Additional Ports for Virtual CAS Connectivity - Firewall/Port Requirements

Protocol

Ports

Source

Destination

Function

Configurable

Optional

TCP

443

Customer's

Web Browser

Virtual CAS

HTTPS port for web UI for managing

Virtual CAS

No

Required

UDP

53

Virtual CAS

DNS Server

Domain Name Service (DNS) - Host name

resolution

No

Required

UDP

123

Virtual CAS

Network Time Server

Network Time Protocol

No

Recommended

TCP

80 or

web

proxy

port

Virtual CAS

onsitecrl.verisign.com

or Web Proxy

HTTP (Unencrypted) Daily fetch of HP

Class 2 CA certificate revocation list (CRL)

No

Recommended

TCP

80

Virtual CAS

onsite-

ocsp.verisign.com

OCSP (Online Certificate Status Protocol)

for certificate revocation check

No

Recommended

TCP

22

Customer's

SSH Client

Virtual CAS

SSH command-line access for Virtual CAS

management

No

Optional

TCP

25

Virtual CAS

Customer-Designated

SMTP Server

Email notifications

No

Optional

TCP

443 or

web

proxy

port

Virtual CAS

h20529.www2.hp.com

or Web Proxy

HTTPS connection to the HP RDA CAS Kit

server to download updates

No

Optional

TCP

514

Virtual CAS

Logging Server

Syslog remote logging (unencrypted)

Yes

Optional

UDP

514

Virtual CAS

Logging Server

Syslog remote logging (unencrypted)

Yes

Optional

TCP

other

Virtual CAS

Target System

Customer-specified TCP port and

application protocol SSH-forwarded from

HP via the relay application

Yes

Optional

UDP

other

Virtual CAS

Target System

Customer-specified UDP port and

application protocol SSH-forwarded from

HP via the relay application

Yes

Optional