Red Hat Training

A Red Hat training course is available for JBoss Enterprise Application Platform Common Criteria Certification

2.4. Connectivity Requirements

The operating system and the Java virtual machine operate according to their specification. These external systems shall be configured in accordance with this guidance.
Any other system with which JBoss Enterprise Application Platform communicates is assumed to be under the same management control and operate under the same security policy constraints as JBoss Enterprise Application Platform.

2.4.1. Cluster Connectivity Requirements

Your JBoss Enterprise Application Platform instances must operate in a network segment that is logically separated from any other network segment using a packet filtering mechanism. This packet filter must only allow incoming communication that meets the following criteria:
  • the network protocol is TCP
  • the destination port is 8080 or 8443
All outgoing communication from one of the JBoss Enterprise Application Platform instances must be allowed.
Each cluster node communicates with the other nodes by means of standard network sockets. Whenever this occurs the client side of each connection has a port number assigned to it by the host operating system from a range of ports that are reserved for client sockets. These ports are referred to as dynamic or ephemeral ports. They are only used by a connection until it is closed. Once the connection is closed the port is made available for use by other new client connections. Refer to your operating system documentation if you need to configure this port range.