What ports to I need open in my firewall for Cloud InSights Workload Security to communicate with ONTAP
Applies to
- ONTAP 9+
- Workload Security
Answer
Below are the ports used for communication between ONTAP and the Cloud Secure agent
| Protocol | Port | Destination | Direction | Description |
|---|---|---|---|---|
|
TCP |
389(LDAP) |
LDAP Server URL |
From Cloud Secure to LDAP |
Connect to LDAP |
|
TCP |
443 |
SVM Management IP Address |
From Cloud Secure to ONTAP |
API communication with ONTAP |
|
TCP |
35000 - 55000 |
SVM data LIF IP Addresses |
Bidirectional between ONTAP and Cloud Secure |
Communication with ONTAP for Fpolicy events |
| TCP | 7 (ECHO) | SVM data LIF IP Addresses and Cluster mgmt interface | Bidirectional between ONTAP and Cloud Secure | Bidirectional between ONTAP and Workload Security Agent |
| TCP | 22 | SSH from Agent to cluster mgmt Interface | SSH from Agent to cluster mgmt Interface | SSH from Agent to cluster mgmt Interface |
Additional Information
- When discovering Cloud Volumes ONTAP, ensure that your cloud provider (Azure, AWS, GCP) network security groups are not blocking or overriding your Workload Security / ONTAP firewall rules.
- For more information see Cloud Secure Documentation Center