| sidebar | permalink | keywords | summary |
|---|---|---|---|
sidebar |
vmware/vmware-otv-hardening-ports.html |
VMware, Data protection, security, OTV, Hardening, ONTAP Tools |
Security Hardening Guide for ONTAP tools for VMware vSphere, TCP ports and protocols |
Listed here are the required ports and protocols that enable communication between ONTAP tools for VMware vSphere server and other entities like managed storage systems, servers, and other components.
Please note the table below which lists the inbound and outbound ports required for the proper functioning of ONTAP tools. It is important to ensure that only the ports mentioned in the table are open for connections from remote machines, while all other ports should be blocked for connections from remote machines. This will help ensure the security and safety of your system.
The following table describes the open port details.
| TCP v4/v6 port # | Direction | Function |
|---|---|---|
8143 |
inbound |
HTTPS connections for REST API |
8043 |
inbound |
HTTPS connections |
9060 |
inbound |
HTTPS connections |
22 |
inbound |
SSH (Disabled by default) |
9080 |
inbound |
HTTPS connections - VP and SRA - Internal connections from loopback only |
9083 |
inbound |
HTTPS connections - VP and SRA |
1162 |
inbound |
VP SNMP trap packets |
8443 |
inbound |
Remote Plugin |
1527 |
internal only |
Derby database port, only between this computer and itself, external connections not accepted — Internal connections only |
8150 |
internal only |
Log integrity service runs on port |
443 |
bi-directional |
Used for connections to ONTAP clusters |
Administrators can access the derby database with the following commands. It can be accessed through the ONTAP tools local VM as well as a remote server with the following steps:
java -classpath "/opt/netapp/vpserver/lib/*" org.apache.derby.tools.ij; connect 'jdbc:derby://<OTV-IP>:1527//opt/netapp/vpserver/vvoldb;user=<user>;password=<password>';
Example:
