Chat now with support
Chat with Support

Foglight Evolve 9.0 - Security and Compliance Guide

Security overview
Foglight security measures Customer security measures Security features in Foglight Disclaimer
Security features for APM appliances Usage feedback Appendix: FISMA compliance

Enabling FIPS 140-2 mode for HTTPS traffic

Some customers require that all network traffic be protected with FIPS 140-2 compliant ciphers. The following procedure can be used to configure the Foglight® Management Server to permit the use of specific TLS cipher suites only for communications with its Web server (all traffic over HTTPS).

1
On the Management Server, open the <foglight_home>/server/tomcat/server.xml file for editing.
2
In the server.xml file, locate the following Connector element:
<Connector executor="tomcatThreadPool" maxHttpHeaderSize="8192"
3
Add the following ciphers attribute to the Connector element:

Network ports

The Foglight® installation process allows you to configure port assignments. The default ports are displayed during installation.

Default port assignments

Table 2. Foglight® Management Server default port assignments

Embedded DB

TCP 15432

Incoming/Outgoing

HTTP

TCP 8080

Incoming

HTTPS

TCP 8443

Incoming

High Availability

UDP 45566
TCP 7800

Incoming/Outgoing

Federation RMI

TCP 1099

Incoming/Outgoing

Federation RMI Service

TCP 4444

Incoming/Outgoing

QP5

TCP 8448

Incoming/Outgoing

High Availability (HA) refers to running a secondary instance of Foglight as a failover backup server (redundant mode). Foglight listens to the multicast port (45566) only when configured for HA mode.

External PostgreSQL®

5432

Outgoing

Microsoft® SQL Server®

1433

Outgoing

Oracle®

1521

Outgoing

MySQLTM

3306

Outgoing

Agent adapter ports

Agent Manager

8080

Incoming

Agent Manager over SSL

8443

Incoming

Java EE Technology Agent

41705

Incoming

Related Documents