HP Remote Device Access Security Overview for A.05.30 (December 2009)

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 ONC and NFS Software

OptionalConfigurableFunctionDestinationSourcePortsProtocol

RecommendedNoNetwork Time ProtocolNetwork Time ServerVirtual CAS123UDP

RecommendedNoHTTP (Unencrypted) Daily fetch

of HP Class 2 CA certificate

revocation list (CRL)

onsitecrl.verisign.com

or Web Proxy

Virtual CAS80 or web

proxy port

TCP

RecommendedNoOCSP (Online Certificate Status

Protocol) for certificate

revocation check

onsite-ocsp.verisign.comVirtual CAS80TCP

OptionalNoSSH command-line access for

Virtual CAS management

Virtual CASCustomer's SSH

Client

22TCP

OptionalNoEmail notificationsCustomer-Designated

SMTP Server

Virtual CAS25TCP

OptionalNoHTTPS connection to the HP RDA

CAS Kit server to download

updates

h20529.www2.hp.com

or Web Proxy

Virtual CAS443 or

web proxy

port

TCP

B.3 hpVPN

Table B-3 hpVPN Connectivity - Firewall/Port Requirements

OptionalConfigurableFunctionDestinationSourcePortsProtocol

RequiredNoIPSec Encapsulaton for IPSec

tunneling

HP Regional VPN

Router

Customer hpVPN

Router

N/AESP

RequiredNoIPsec Internet Security

Association and Key

Management Protocol

HP Regional VPN

Router

Customer hpVPN

Router

500UDP

RequiredNoIPSec Encapsulaton for IPSec

tunneling

Customer hpVPN

Router

HP Regional VPN

Router

N/AESP

RequiredNoIPsec Internet Security

Association and Key

Management Protocol

Customer hpVPN

Router

HP Regional VPN

Router

500UDP

OptionalNoHTTPS VPN Router Web UICustomer hpVPN

Router

Customer's Web

Browser

443TCP

26 Summary of Network Ports – Remote Device Access