White Papers
Additional resources
11 Best Practices for Securing Dell EMC SC Series Storage | BP1082
5 Security scanning
No security analysis would be complete without a review of open IP network protocol ports for a given system.
Nmap, the open source network discovery and security-auditing tool, was used for this purpose. The following
tables list all TCP and UDP ports and services for SCOS and DSM. Not all services are enabled by default.
For each port, the protocol is listed as well as the actual port usage.
In order for SCOS and its associated services to function as expected, these ports must remain open through
any firewalls or switch access control lists that reside in between the SC Series system and storage initiators,
DSM, or secondary services such as NTP. In the case of the Secure Console and SupportAssist services, the
external firewall must accept outbound connections through TCP ports 22 and 443 for SCOS to establish
connections with Dell EMC internet servers.
5.1 SCOS port list
Table 1 and Table 2 list the TCP and UDP ports and services associated with SC Series storage.
SCOS TCP ports and services
TCP port
Protocol
Purpose
Direction
22
SSH
Secure Console service
Outbound
25
SMTP
Sending email notifications
Outbound
80
HTTP
Automatic redirect to HTTPS port
Inbound
88
Kerberos
Secure communication with KDC
Outbound
389
LDAP
Directory access
Outbound
443
HTTPS
Communicating with SC Series applications
SupportAssist
Inbound and
outbound
636
LDAPS
Using LDAP over SSL
Outbound
3033
HTTPS
Dell API
Inbound and
outbound
3205
iSNS
Communication with network servers
Outbound
3260
iSCSI
iSCSI initiator (server or replication source)
Inbound and
outbound
8080
HTTP
Automatic redirect to HTTPS port
Inbound
8443
HTTPS
Communicating with SC Series applications
SupportAssist
Inbound and
outbound