Chat now with support
Chat with Support

Foglight 5.9.4 - Security and Compliance Guide

Security overview
Foglight security measures Customer security measures Security features in Foglight Disclaimer
Security features for APM appliances Usage feedback Appendix: FISMA compliance

Enabling FIPS 140-2 mode for HTTPS traffic

Some customers require that all network traffic be protected with FIPS 140-2 compliant ciphers. The following procedure can be used to configure the Foglight® Management Server to permit the use of specific TLS cipher suites only for communications with its Web server (all traffic over HTTPS).

1
On the Management Server, open the <foglight_home>/server/tomcat/server.xml file for editing.
2
In the server.xml file, locate the following Connector element:
<Connector executor="tomcatThreadPool" maxHttpHeaderSize="8192"
3
Add the following ciphers attribute to the Connector element:

Network ports

The Foglight® installation process allows you to configure port assignments. The default ports are displayed during installation.

Default port assignments

Table 2. Foglight® Management Server default port assignments

Embedded DB

TCP 15432

Incoming/Outgoing

HTTP

TCP 8080

Incoming

HTTPS

TCP 8443

Incoming

High Availability

UDP 45566
TCP 7800

Incoming/Outgoing

Federation RMI

TCP 1099

Incoming/Outgoing

Federation RMI Service

TCP 4444

Incoming/Outgoing

QP5

TCP 8448

Incoming/Outgoing

High Availability (HA) refers to running a secondary instance of Foglight as a failover backup server (redundant mode). Foglight listens to the multicast port (45566) only when configured for HA mode.

External PostgreSQL®

5432

Outgoing

Microsoft® SQL Server®

1433

Outgoing

Oracle®

1521

Outgoing

MySQLTM

3306

Outgoing

Agent adapter ports

Agent Manager

8080

Incoming

Agent Manager over SSL

8443

Incoming

Java EE Technology Agent

41705

Incoming

Related Documents

The document was helpful.

Select Rating

I easily found the information I needed.

Select Rating