7.0.8 Insight Remote Support Security White Paper

B.11 ProLiant Microsoft Hyper-V Monitored Systems
ProLiant Microsoft Hyper-V Connectivity - Firewall/Port Requirements
| Protocol | Ports | Source | Destination | Function | Configurable | Optional |
|---|---|---|---|---|---|---|
| TCP | 5989 | Hosting Device | Monitored Systems | Secured WBEM CI-MOM protocol over HTTPS/SOAP. This port is used to communicate with WBEM end point nodes. | Yes | Required |
| UDP | 161 | Hosting Device | Monitored Systems | SNMP. This is the standard port used by SNMP agents on monitored systems. The Hosting Device sends requests to devices on this port. | No | Required |
| TCP | 135 | Monitored Systems | Hosting Device | DCE endpoint resolution. Used by DCOM, and hence, Windows Management Interface (WMI) and Insight-RS | No | Required |
| TCP | 139 | Monitored Systems | Hosting Device | NETBIOS Session Service. Used by DCOM, and hence, Windows Management Interface (WMI) and Insight-RS | No | Required |
| TCP | 7905 | Monitored Systems | Hosting Device | Secure HTTP (HTTPS) port used by the listener running in the Director's Web Interface. The monitored host connects to the Hosting Device on this port (e.g. https://target.sys.name.here:7905) | No | Required |
| TCP | 49152-65535 | Monitored Systems | Hosting Device | Windows Server 2008 Windows Management Interface (WMI) Communications DCOM dynamic port assignment. Note that the Hosting Device can be configured to limit this range. The source port will always be 135. | No | Required |
| UDP | 137 | Monitored Systems | Hosting Device | NETBIOS Name Service. Used by DCOM, and hence, Windows Management Interface (WMI) and Insight-RS | No | Required |
| UDP | 138 | Monitored Systems | Hosting Device | NETBIOS Datagram Service. Used by DCOM, and hence, Windows Management Interface (WMI) and Insight-RS | No | Required |
| UDP | 162 | Monitored Systems | Hosting Device | SNMP Trap. This is the standard port used by SNMP managers for listening to traps. | No | Required |
| UDP | 445 | Monitored Systems | Hosting Device | Microsoft File Sharing. Used by DCOM, and hence, Windows Management Interface (WMI) and Insight-RS | No | Required |
| ICMP | N/A | Hosting Device | Monitored Systems | Provides system reachability (ping) check during system discovery and before other operations. | No | Recommended |