立即与支持人员聊天
与支持团队交流

Foglight 5.9.3 - Security and Compliance Guide

Security overview
Foglight security measures Customer security measures Security features in Foglight Disclaimer
Security features for APM appliances Usage feedback Appendix: FISMA compliance

Enabling FIPS 140-2 mode for HTTPS traffic

Some customers require that all network traffic be protected with FIPS 140-2 compliant ciphers. The following procedure can be used to configure the Foglight® Management Server to permit the use of specific TLS cipher suites only for communications with its Web server (all traffic over HTTPS).

1
On the Management Server, open the <foglight_home>/server/tomcat/server.xml file for editing.
2
In the server.xml file, locate the following Connector element:
<Connector executor="tomcatThreadPool" maxHttpHeaderSize="8192"
3
Add the following ciphers attribute to the Connector element:

Network ports

The Foglight® installation process allows you to configure port assignments. The default ports are displayed during installation.

Default port assignments

Table 2. Foglight® Management Server default port assignments

Embedded DB

TCP 15432

Incoming/Outgoing

HTTP

TCP 8080

Incoming

HTTPS

TCP 8443

Incoming

High Availability

UDP 45566
TCP 7800

Incoming/Outgoing

Federation RMI

TCP 1099

Incoming/Outgoing

Federation RMI Service

TCP 4444

Incoming/Outgoing

QP5

TCP 8448

Incoming/Outgoing

High Availability (HA) refers to running a secondary instance of Foglight as a failover backup server (redundant mode). Foglight listens to the multicast port (45566) only when configured for HA mode.

External PostgreSQL®

5432

Outgoing

Microsoft® SQL Server®

1433

Outgoing

Oracle®

1521

Outgoing

MySQLTM

3306

Outgoing

Agent adapter ports

Agent Manager

8080

Incoming

Agent Manager over SSL

8443

Incoming

Java EE Technology Agent

41705

Incoming

相关文档

The document was helpful.

选择评级

I easily found the information I needed.

选择评级