Secure Unused TCP/UDP Ports

After installing and configuring the HP VSC, the user should take all steps necessary to ensure the network security of the HP VSC system through the use of ACLs and/or firewalls and by disabling any unneeded network services on the node.

Table 6 lists the required and optional UDP/TCP ports for particular services for inbound connections to the HP VSC.

Table 7 lists required and optional UDP/TCP ports for particular services for outbound connections from the HP VSC.

Optional ports are only required if the network service is in use on the HP VSC.

Table 6: HP VSC UDP/TCP Inbound/Opened Ports

Port            UDP/TCP   Required/Optional   Protocol Notes
21/22           TCP       Optional            FTP
22              TCP       Optional            SSH
23              TCP       Optional            Telnet
123             UDP       Required            NTP
161/162         UDP       Optional            SNMP - required for SNMP management
179             TCP       Required            BGP - required for federated HP VSCs
6633            TCP       Required            OpenFlow
49152 - 65535   UDP       Optional            RADIUS for console user authentication
                                              dynamically reserves ports in this range
                                              upon initialization of the HP VSC for
                                              outgoing connections and the resulting
                                              response. The ports used in this range
                                              can be viewed with "show system
                                              connections". If RADIUS is not used, no
                                              incoming packets will be forwarded or
                                              processed.
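
As an added example (not part of the HP manual), the following Python checks a list of observed inbound listeners against Table 6, given which optional services are actually in use on the node. The service labels, the "proto/port" input format and the sample listener list are assumptions constructed for illustration, and "21/22" is read as ports 21 and 22.

```python
from typing import NamedTuple

class Rule(NamedTuple):
    first: int
    last: int
    proto: str
    required: bool
    service: str  # hypothetical label naming the service (not an HP VSC keyword)

# Inbound rows transcribed from Table 6 ("21/22" read as ports 21 and 22).
TABLE6 = [
    Rule(21, 22, "tcp", False, "ftp"),
    Rule(22, 22, "tcp", False, "ssh"),
    Rule(23, 23, "tcp", False, "telnet"),
    Rule(123, 123, "udp", True, "ntp"),
    Rule(161, 162, "udp", False, "snmp"),
    Rule(179, 179, "tcp", True, "bgp"),
    Rule(6633, 6633, "tcp", True, "openflow"),
    Rule(49152, 65535, "udp", False, "radius"),
]

def classify(proto, port, enabled):
    """Return (verdict, services) for one observed inbound listener."""
    hits = [r for r in TABLE6 if r.proto == proto and r.first <= port <= r.last]
    if not hits:
        return "unlisted", []  # not in Table 6 at all: filter it with an ACL/firewall
    live = [r.service for r in hits if r.required or r.service in enabled]
    if live:
        return "allow", live
    return "disable", [r.service for r in hits]  # optional service that is not in use

def audit(listeners, enabled):
    """Classify each 'proto/port' string and list required services not observed."""
    seen, report = set(), {}
    for item in listeners:
        proto, port = item.lower().split("/")
        seen.add((proto, int(port)))
        report[item] = classify(proto, int(port), enabled)
    missing = [r.service for r in TABLE6 if r.required
               and not any(p == r.proto and r.first <= n <= r.last for p, n in seen)]
    return report, missing

if __name__ == "__main__":
    # Constructed sample: only SSH and SNMP are in use on this node.
    observed = ["tcp/22", "tcp/23", "udp/123", "udp/161", "tcp/6633", "tcp/8080", "udp/50000"]
    report, missing = audit(observed, enabled={"ssh", "snmp"})
    for item, (verdict, services) in report.items():
        print(f"{item:10} {verdict:9} {','.join(services)}")
    print("required but not observed:", missing)
```

A "disable" verdict marks an optional service from Table 6 that is listening although it is not in use; "unlisted" marks a port that Table 6 does not mention.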

 

 

 

 

 

Table 7: HP VSC UDP/TCP Outbound/Remote Ports

Port            UDP/TCP   Required/Optional   Protocol Notes
21/22           TCP       Optional            FTP
22              TCP       Optional            SSH
23              TCP       Optional            Telnet
49              TCP       Optional            TACACS+
53              UDP/TCP   Required            DNS

 

 

 

 

40 HP VSC Software Installation
