Understanding HP Systems Insight Manager 6.3 Security
NOTES:
1
All ports are for TCP and UDP (except ICMP).
2
The CMS will normally have all managed system ports open, as the CMS is a managed system itself.
Firewalls may be configured to block these ports if the CMS is not to be managed from another
system.
3
RMI port is used within the CMS for inter-process communication. Connections from outside the CMS
are not accepted, and firewalls may block this port.
4
Many CMS outgoing ports are used for discovery.
5
The exact UDP/TCP ports used by DMI are dynamic and vary from system to system, but they tend to
be around 32,780 and higher.
6
Port number is configurable in mx.properties using MX_SOAP_PORT.
7
Port number is configurable in mx.properties using MX_SOAP_SSO_PORT.
8
Port number is configurable in mx.properties using MX_SOAP_HTTP_PORT; port can be
enabled/disabled in globalsettings.props using HTTP_SOAP_PORT_ENABLE with “true” or “false.”
NOTE: It is not recommended that you enable management protocols such as SNMP or DMI on
systems outside your firewall or directly connected to the Internet.
Vulnerability and Patch Management Pack firewall ports
HP SIM Server
The following ports must be open on the HP SIM server.
Port Protocol Description
280 TCP HP SIM HTTP port
50000 TCP HP SIM HTTPS port
5989 TCP HP SIM Web-Based Enterprise Management
(WBEM)/WMI Mapper Secure Port
22 TCP HP SIM SSH port
50001 TCP HP SIM secure Simple Object Access
Protocol (SOAP) port
161 TCP/UDP SNMP
162 TCP/UDP SNMP traps
VPM Server
The following ports must be open on the VPM server.
NOTE: The following ports are applicable to the CMS only.