Chapter 3. Security
3.1. Ports Used by CloudForms Management Engine
Table 3.1. Ports Used by CloudForms Management Engine
| Initiator (CFME Role if applicable) | Receiver (CFME Role if applicable) | Application | TCP Port | UDP Port | Purpose |
|---|---|---|---|---|---|
| Administrator (Internet Browser) | CFME Appliance (User Interface) | HTTPS | 443 | Access to CFME Appliance User Interface | |
| Administrator (Internet Browser) | CFME Appliance (User Interface) | HTTP | 80 | Redirect Web Browser to HTTPS service (443) | |
| Service Catalog or other integration through Web Service | CFME Appliance (Web Service) | HTTPS | 443 | Access to CFME Appliance Web Service | |
| CFME Appliance | NFS Server | NFS | 2049 | 2049 | Embedded NFS VM scanning |
| CFME Appliance (User Interface) | Any Virtual Machine | TCP | 903 | VM Remote Console (if using MKS plug-in) | |
| CFME Appliance (User Interface) | Any Hypervisor Host | TCP | 5900 - 5999 | VM Remote Console (if using VNC) | |
| CFME Appliance (any role) | CFME Appliance running the VMDB | PostgreSQL Named Pipes | 5432 | CFME Appliance connectivity to the CFME Database (PostgreSQL) | |
| CFME Subordinate Region VMDB Appliance(Database Synchronization) | CFME Master Region VMDB Appliance | PostgreSQL Named Pipes | 5432 | Regional VMDB node replication up to Master VMDB node (PostgreSQL only) | |
| CFME Appliance (Authentication through LDAP) | LDAP Server (AD or other) | LDAP | 389 | LDAP integration | |
| CFME Appliance (Authentication through LDAPS) | LDAP Server (AD or other) | LDAPS | 636 | LDAPS integration | |
| SNMP Agent | CFME Appliance (Notifier) | SNMP (UDP) | 161 | SNMP Polling | |
| CFME Appliance (Notifier) | SNMP Server | SNMP (TCP) | 162 | SNMP Trap Send | |
| CFME Appliance (Notifier) | Mail server | SMTP | 25 | SNMP Trap Send | |
| CFME Appliance (any role) | NTP Server | NTP | 123 | Time Source | |
| CFME Appliance | CFME SmartProxy installed on VMWare ESX Server | HTTPS | 1139 | Communication with SmartProxy | |
| CFME SmartProxy installed on VMWare ESX Server | CFME Appliance | HTTPS | 443 | SmartProxy Heartbeat | |
| CFME Appliance | DNS Server | UDP | 53 | DNS Lookups |
3.2. Red Hat Enterprise Virtualization Ports Used by CloudForms Management Engine
Table 3.2. Red Hat Enterprise Virtualization Ports Used by CloudForms Management Engine
| Initiator (CFME Role if applicable) | Receiver (CFME Role if applicable) | Application | TCP Port | UDP Port | Purpose |
|---|---|---|---|---|---|
| CFME Appliance (SmartProxy) | RHEV-M Server | HTTPS | 8443 | API communications to RHEV-M environment (Inventory, Operations, SmartProxy) | |
| CFME Appliance (C&U) | RHEV-M Server | PostgreSQL | 5432 | RHEV-M History Database (Database connectivity not enabled by default). See How to access the RHEV-M Postgres DB from a remote machine. | |
| CFME Appliance | RHEV-H Hosts or RHEL Hypervisors | SSH | 22 | SSH connections |
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.