Chat now with support
Chat mit Support

Foglight 7.1.0 - Security and Compliance Guide

Security overview
Foglight security measures Customer security measures Security features in Foglight FIPS-compliant mode Disclaimer
Usage feedback Appendix: FISMA compliance

Default port assignments

Table 2. Foglight® Management Server default port assignments

Embedded DB

TCP 15432

Incoming/Outgoing

HTTP

TCP 8080

Incoming

HTTPS

TCP 8443

Incoming

High Availability

UDP 45566
TCP 7800

Incoming/Outgoing

Federation RMI

TCP 1099

Incoming/Outgoing

Federation RMI Service

TCP 4444

Incoming/Outgoing

QP5

TCP 8448

Incoming/Outgoing

High Availability (HA) refers to running a secondary instance of Foglight as a failover backup server (redundant mode). Foglight listens to the multicast port (45566) only when configured for HA mode.

External PostgreSQL®

5432

Outgoing

Microsoft® SQL Server®

1433

Outgoing

Oracle®

1521

Outgoing

MySQLTM

3306

Outgoing

Agent adapter ports

Agent Manager

8080

Incoming

Agent Manager over TLS

8443

Incoming

Java EE Technology Agent

41705

Incoming

Client communication

The Agent Manager connects to the Management Server using the same HTTP(S) ports as the browser interface. The Agent Manager uses the standard URL format to configure the address of the upstream Management Server; therefore if the port number is changed in the Management Server configuration, it is a simple matter to configure the Agent Manager to use the updated port.

Agent Manager instances that are configured to communicate through a concentrator can use any customer-designated port for their communication with that concentrator host. This needs to be configured on both the upstream and downstream Agent Manager instance.

Some agents hosted by the Agent Manager are run out-of-process, and use local TCP connections to communicate with the master Agent Manager process. Two protocols are used for this local communication: legacy RAPSD for agents which are supported by the Agent Manager, and the Agent Manager’s XML-over-HTTP for new agents implemented with the Agent Manager API (this is the same protocol used by the Agent Manager to connect to the upstream Management Server or concentrators). In both cases, the master Agent Manager process listens for local connections on an available port assigned randomly by the OS from the ephemeral port range. In both cases, these ports will only accept connections from localhost; neither case supports encryption for this local-only traffic.

Configuration parameters

The Foglight® Management Server stores its configuration parameters in configuration files within the Foglight directory on the Management Server's file system. When Foglight is launched, the parameters are read and cached internally; the configuration files on disk are not re-read until the Management Server restarts. This allows modification of the configuration files while Foglight is running without affecting real-time processing.

Verwandte Dokumente

The document was helpful.

Bewertung auswählen

I easily found the information I needed.

Bewertung auswählen