Firewall considerations
When using CORBA probes in conjunction with a firewall, the firewall must be configured so that the probe can connect to the target system.
Most CORBA probes can act as both a server (listening for connections from the target system) and a client (connecting to the port on the target system to which the system writes events). If you are using the probe in conjunction with a firewall, you must add the appropriate firewall rules to enable this dual behavior.
- If the host on which the probe is running is behind a firewall, you must determine what remote host and port number the probe will connect to.
- If the host on which the target system is running is behind a firewall, you must determine the incoming port on which the probe will listen and to which the target system will connect.
- If each host is secured with its own firewall, you must determine
the following four ports:
- The outgoing port (or port range) for the probe.
- The hostname and port of the target system.
- The outgoing port on which the target system sends events if the probe is running as a client.
- The incoming port on which the probe listens for incoming events.
CORBA probes that use EventManager or NotificationManager objects may use different hosts and ports from those that use NamingService and EntryPoint objects. If the probe is configured to get object references from a NamingService or EntryPoint object, you must obtain the host and port information from the system administrator of the target system. When you have this information, you can add the appropriate firewall rules.