Veritas NetBackup™ Appliance Security Guide
- About the NetBackup appliance Security Guide
- User authentication
- User authorization
- Intrusion prevention and intrusion detection systems
- Log files
- Operating system security
- Data security
- Web security
- Network security
- Call Home security
- Remote Management Module (RMM) I security
- STIG and FIPS conformance
- Appendix A. Security release content
About NetBackup appliance ports
In addition to the ports used by NetBackup software, NetBackup appliances also provide for both in-band and out-of-band management. The out-of-band management is through a separate network connection, the Remote Management Module (RMM), and the Intelligent Platform Management Interface (IPMI). You can open these ports through the firewall as appropriate to allow access to the management services from a remote laptop or KVM (keyboard, video monitor, mouse).
Warning:
The NetBackup Appliance Web Console is now available only over HTTPS on the default port 443. Use https://<appliance-name>
to log in to the Web Console, where appliance-name is the fully qualified domain name (FQDN) of the appliance and can also be an IP address.
Note:
Port 80 traffic is redirected to port 443, which is the secure HTTP port.
Table: Inbound ports lists the ports open for inbound communication to the NetBackup Appliance.
Table: Inbound ports
Port | Service | Description |
---|---|---|
22 | ssh | In-band management CLI Note: Port 22 is blocked for the Remote Management Module (RMM). You can enable SSH later. |
443 | HTTPS | In-band management GUI |
2049 | NFS | NFS |
445 | CIFS (for the Log/Install shares) |
+ NetBackup Integrated storage manager
* Veritas Remote Management - Remote Console
Table: Outbound ports lists the ports outbound from the appliance to allow alerts and notifications to the indicated servers.
Table: Outbound ports
Port | Service | Description |
---|---|---|
443 | HTTPS | Call Home notifications to Veritas Download SDCS certificate |
162** | SNMP | Download appliance updates |
22 | SFTP | Log uploads to Veritas |
25 | SMTP | Email alerts |
389 | LDAP | |
636 | LDAPS | |
514 | rsyslog | Log forwarding |
** This port number can be changed within the appliance configuration to match the remote server.
Note:
To see a list of Remote Management Module (RMM) ports, see the following topic:
See RMM ports.
A complete list of all the applicable ports is available in the NetBackup Network Ports Reference Guide.